CVE-2019-8347

Publication date

2019-02-15 15:00:00

Family

mitre

State

PUBLISHED

Description

BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via the admin/admin_member.php?action=add&nav=add_web_user&admin_p_nav=user URI.