← back
CVE-2018-7176

CVE-2018-7176

EPSS 2.5%
FrontAccounting 2.4.3 suffers from a CSRF flaw, which leads to adding a user account via admin/users.php (aka the "add user" feature of the User Permissions page).
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/44137/unverifiedexploitdbwww.exploit-db.com/exploits/44137unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://securitywarrior9.blogspot.in/2018/02/cross-site-request-forgery-front.htmlhttps://www.exploit-db.com/exploits/44137/