CVE-2020-20945

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

A Cross-Site Request Forgery (CSRF) in /admin/index.php?lfj=member&action=editmember of Qibosoft v7 allows attackers to arbitrarily add administrator accounts.

Reference Links(if available):

  • https://blog.csdn.net/he_and/article/details/102698171
  • http://www.qibosoft.com/downloadProduction.htm
  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • Available for Amazon Prime