A CSRF vulnerability in Eyoucms v1.2.7 allows an malicious user to add an admin account via login.php.
eyoucms eyoucms 1.2.7