Описание
Cross-site request forgery (CSRF) vulnerability in admin/admin_account.php in Skalinks 1.5 and earlier allows remote attackers to add arbitrary privileged accounts as administrators via the admin_name, admin_password, admin_type, and Add_admin parameters.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:skalinks:skalinks:1.5:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00286
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
почти 4 года назад
Cross-site request forgery (CSRF) vulnerability in admin/admin_account.php in Skalinks 1.5 and earlier allows remote attackers to add arbitrary privileged accounts as administrators via the admin_name, admin_password, admin_type, and Add_admin parameters.
EPSS
Процентиль: 52%
0.00286
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-352