CVE-2020-19886
Published
CVSS v3
8.1
HIGH
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
DBHcms v1.2.0 has no CSRF protection mechanism,as demonstrated by CSRF for an /index.php?dbhcms_pid=-80&deletemenu=9 can delete any menu.
DBHcms v1.2.0 has no CSRF protection mechanism,as demonstrated by CSRF for an /index.php?dbhcms_pid=-80&deletemenu=9 can delete any menu.
GitHub