MidnightBSD

Advisories for akcms_project

CVE-2018-12582 MEDIUM

An issue was discovered in AKCMS 6.1. CSRF can add an admin account via a /index.php?file=account&action=manageaccounts&job=newaccount URI.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
akcms_project akcms 6.1
CVE-2018-12583 MEDIUM

An issue was discovered in AKCMS 6.1. CSRF can delete an article via an admincp deleteitem action to index.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
akcms_project akcms 6.1