Hi, I would like to report CSRF vulnerability inCsCMS V4.1.
There is a CSRF vulnerability that can change of payment account to steal property.
POC:
1.Login to administrator panel.
2.Open below URL in browser which supports flash.
url:http://www.cscms.com/admin.php/pay
eg:
1.Before modification
Hi, I would like to report CSRF vulnerability inCsCMS V4.1.

There is a CSRF vulnerability that can change of payment account to steal property.
POC:
1.Login to administrator panel.
2.Open below URL in browser which supports flash.
url:http://www.cscms.com/admin.php/pay
eg:
1.Before modification
2.CSRF POC
csrfpoc.txt
3.After modification

The text was updated successfully, but these errors were encountered: