Cross-site request forgery (CSRF) vulnerability in admin/admincenter.php in webSPELL 4.01.02 allows remote malicious users to assign the superadmin privilege level to arbitrary accounts as administrators via an "update member" action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
webspell webspell 4.01.02 |