w3irdo001/demo

Releases0

csrf

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-18449 ↗	Mar 7, 2019Thursday, 7 March 2019, 23:29	—	6.8 MEDIUM
EmpireCMS 7.5 allows CSRF for adding a user account via an enews=AddUser action to e/admin/user/ListUser.php, a similar issue to CVE-2018-16339.
CVE-2018-18436 ↗	Oct 17, 2018Wednesday, 17 October 2018, 06:29	8.8 HIGH	6.8 MEDIUM
JTBC(PHP) 3.0 allows CSRF for creating an account via the console/account/manage.php?type=action&action=add URI.