VYPR
Medium severity6.8NVD Advisory· Published Aug 12, 2021· Updated Jun 17, 2026

CVE-2020-18457

CVE-2020-18457

Description

Cross Site Request Forgery (CSRF) vulnerability exists in bycms v1.3.0 that can add an admin account via admin.php/ucenter/add.html.

Affected products

2
  • bycms/bycmsdescription
  • Bycms/bycmsllm-create
    Range: =1.3.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.