CSRF Vulnerability in qibosoft V7.0: Unauthorized User Account Addition

CSRF Vulnerability in qibosoft V7.0: Unauthorized User Account Addition

CVE-2018-18201 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

qibosoft V7.0 allows CSRF via admin/index.php?lfj=member&action=addmember to add a user account.

Learn more about our User Device Pen Test.