CSRF Vulnerability in NoneCms 1.3.0 Allows Unauthorized Account Manipulation

CVE-2018-7219 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

application/admin/controller/Admin.php in NoneCms 1.3.0 has CSRF, as demonstrated by changing an admin password or adding an account via a public/index.php/admin/admin/edit.html request.

Learn more about our Cms Pen Testing.