HomePentest-Tools.com Logo

CMS Made Simple < 2.1.6 CSRF Vulnerability CVE-2016-7904

Severity
CVSSv3 Score
8
Vulnerability description

CMS Made Simple is prone to a CSRF vulnerability.

Risk description

Cross-site request forgery (CSRF) vulnerability allows remote attackers to hijack the authentication of administrators for requests that create accounts via an admin/adduser.php request.

Recommendation

Upgrade to version 2.1.6 or later

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jan 16, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available