1 results (0.002 seconds)
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1
CVE-2020-21139
https://notcve.org/view.php?id=CVE-2020-21139
EC Cloud E-Commerce System v1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add admin accounts via /admin.html?do=user&act=add. Se ha detectado que EC Cloud E-Commerce System versión v1.3, contiene una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) que permite a atacantes añadir arbitrariamente cuentas de administrador por medio de /admin.html?do=user&act=add • https://github.com/Ryan0lb/EC-cloud-e-commerce-system-CVE-application/blob/master/README.md • CWE-352: Cross-Site Request Forgery (CSRF) •