A cross-site request forgery (CSRF) in index.php/Dswjcms/User/tfAdd of Dswjcms 1.6.4 allows authenticated malicious users to arbitrarily add administrator users.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dswjcms project dswjcms 1.6.4 |