An issue exists in index.php in baijiacms V4 v4_1_4_20170105. CSRF allows adding an administrator account via op=edituser, changing the administrator password via op=changepwd, or deleting an account via op=deleteuser.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
baijiacms project baijiacms 4_1_4_20170105 |
Vulmon