CWE-352

HisiPHP 1.0.8 allows CSRF via admin.php/admin/user/adduser.html to add an administrator account. The attacker can then use that account to execute arbitrary PHP code by leveraging app/common/model/AdminAnnex.php to add .php to the default list of allowable file-upload types (.jpg, .png, .gif, .jpeg, and .ico).

The WP Fastest Cache plugin 0.8.8.5 for WordPress has CSRF via the wp-admin/admin.php wpfastestcacheoptions page.

/console/account/manage.php?type=action&action=add in JTBC v3.0(C) has CSRF for adding an administrator account.

An issue was discovered in MCMS 4.6.5. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do.

CSRF exists in Nimble Messaging Bulk SMS Marketing Application 1.0 for adding an admin account.

CSRF exists in server.php in Live Call Support Application 1.5 for adding an admin account.