cve/2013/CVE-2013-2754.md

CVE-2013-2754

Description

Cross-site request forgery (CSRF) vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via a request to admin/users/add/user/do/.

POC

Reference

• http://packetstormsecurity.com/files/121564/UMI.CMS-2.9-Cross-Site-Request-Forgery.html

Github

No PoCs found on GitHub currently.