Cross-site request forgery (CSRF) vulnerability in Umisoft UMI.CMS prior to 2.9 build 21905 allows remote malicious users to hijack the authentication of administrators for requests that add administrator accounts via a request to admin/users/add/user/do/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
umi-cms umi.cms 2.8.6 |
||
umi-cms umi.cms 2.8.5.2 |
||
umi-cms umi.cms 2.8.4 |
||
umi-cms umi.cms 2.8.2 |
||
umi-cms umi.cms 2.8.0 |
||
umi-cms umi.cms 2.7.3 |
||
umi-cms umi.cms 2.7.0 |
||
umi-cms umi.cms 2.6.3 |
||
umi-cms umi.cms 2.6.1 |
||
umi-cms umi.cms 2.8.6.1 |
||
umi-cms umi.cms 2.8.1.3 |
||
umi-cms umi.cms 2.8.1.2 |
||
umi-cms umi.cms 2.8.1 |
||
umi-cms umi.cms 2.8.0.5 |
||
umi-cms umi.cms 2.5.3 |
||
umi-cms umi.cms 2.5.2 |
||
umi-cms umi.cms 2.5.0 |
||
umi-cms umi.cms 2.3.3.9 |
||
umi-cms umi.cms 2.8.5 |
||
umi-cms umi.cms 2.8.4.4 |
||
umi-cms umi.cms 2.8.4.3 |
||
umi-cms umi.cms 2.8.4.2 |
||
umi-cms umi.cms 2.6.8 |
||
umi-cms umi.cms 2.6.7 |
||
umi-cms umi.cms 2.6.5 |
||
umi-cms umi.cms 2.6.4 |
||
umi-cms umi.cms 2.8.5.3 |
||
umi-cms umi.cms 2.8.5.1 |
||
umi-cms umi.cms 2.8.4.1 |
||
umi-cms umi.cms 2.8.3 |
||
umi-cms umi.cms 2.7.4 |
||
umi-cms umi.cms 2.7.2 |
||
umi-cms umi.cms 2.6.2 |
||
umi-cms umi.cms 2.6 |
||
umi-cms umi.cms |