An issue exists in AuraCMS 2.3. There is a CSRF vulnerability that can change the administrator's password via admin.php?mod=users and subsequently add a page or menu, or submit a topic.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
auracms auracms 2.3 |