High severity8.8NVD Advisory· Published Sep 4, 2018· Updated Jun 17, 2026
CVE-2018-16448
CVE-2018-16448
Description
Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- github.com/chshcms/cscms/issues/1nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.