High severity8.8NVD Advisory· Published May 13, 2018· Updated Jun 17, 2026
CVE-2018-11018
CVE-2018-11018
Description
An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery (CSRF) vulnerability in apps/admin/controller/system/RoleController.php allows remote attackers to add administrator accounts via admin.php/role/add.html.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.0.7+ 1 more
- (no CPE)range: <=1.0.7
- (no CPE)range: =1.0.7
Patches
Vulnerability mechanics
References
1- github.com/zhaoheng521/PbootCMS/blob/master/V1.0.7%20csrfnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.