Sunj3T

**Name of the Vulnerable Software and Affected Versions** daveismyname simple-cms through 2014-03-11 **Description** The issue allows for adding a page without requiring authentication, which can be exploited via CSRF. This is due to a lack of authentication requirement in the "admin/addpage.php" endpoint. **Recommendations** For daveismyname simple-cms through 2014-03-11, consider implementing proper authentication mechanisms for the "admin/addpage.php" endpoint to prevent unauthorized access. As a temporary workaround, restrict access to the "admin/addpage.php" endpoint to minimize the risk of exploitation.