Medium severity6.8NVD Advisory· Published Aug 12, 2021· Updated Jun 17, 2026
CVE-2020-18457
CVE-2020-18457
Description
Cross Site Request Forgery (CSRF) vulnerability exists in bycms v1.3.0 that can add an admin account via admin.php/ucenter/add.html.
Affected products
2- bycms/bycmsdescription
Patches
Vulnerability mechanics
References
1- github.com/hillerlin/bycms/issues/3nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.