CVE-2018-10185

An issue was discovered in TuziCMS v2.0.6. There is a CSRF vulnerability that can add an admin account, as demonstrated by a history.pushState call.
References
Link Resource
https://github.com/yeyinshi/tuzicms/issues/1 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:tuzicms:tuzicms:2.0.6:*:*:*:*:*:*:*

Information

Published : 2018-04-17 07:29

Updated : 2018-05-21 04:25


NVD link : CVE-2018-10185

Mitre link : CVE-2018-10185

Products Affected
No products.
CWE