There is a cross-site request forgery vulnerability in admin.php?mod=users
It and can change administrator's password.
First:
After the administrator logged in,open the poc page.
Aura.txt to Aura.html --> 1.add page;2.add menu;3.Submit topic
1.add page
2.add menu
3.submit topic
4.CSRF POC:
There is a cross-site request forgery vulnerability in admin.php?mod=users







It and can change administrator's password.
First:
After the administrator logged in,open the poc page.
Aura.txt to Aura.html --> 1.add page;2.add menu;3.Submit topic
1.add page
2.add menu
3.submit topic
4.CSRF POC:
Aura.txt
The text was updated successfully, but these errors were encountered: