An issue exists in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.
idreamsoft icms 7.0.9