CVE-2018-16732

CVE-2018-16732

EPSS 0.5%

\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via admin.php/setting/ftp_save.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/AvaterXXX/CScms/blob/master/CScms_csrf.md https://www.patec.cn/newsshow.php?cid=24&id=123