CSRF Vulnerability in WUZHI CMS 4.1.0 Allows Unauthorized Username Change

CSRF Vulnerability in WUZHI CMS 4.1.0 Allows Unauthorized Username Change

CVE-2018-18712 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's username via index.php?m=member&f=index&v=edit&uid=1.

Learn more about our Cms Pen Testing.