1 results (0.004 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

EC Cloud E-Commerce System v1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add admin accounts via /admin.html?do=user&act=add. Se ha detectado que EC Cloud E-Commerce System versión v1.3, contiene una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) que permite a atacantes añadir arbitrariamente cuentas de administrador por medio de /admin.html?do=user&act=add • https://github.com/Ryan0lb/EC-cloud-e-commerce-system-CVE-application/blob/master/README.md • CWE-352: Cross-Site Request Forgery (CSRF) •