PT-2018-17255 · Unknown · Photography Cms

Ihsan Sencan · Published 2018-01-24 · Updated 2018-02-12 · CVE-2018-5969

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Photography CMS version 1.0
Description: A Cross Site Request Forgery (CSRF) issue exists, allowing attackers to perform unauthorized actions, such as adding an admin account, by exploiting the clients/resources/ajax/ajax new admin.php endpoint.
Recommendations: For Photography CMS version 1.0, consider implementing proper CSRF token validation to prevent unauthorized requests to the clients/resources/ajax/ajax new admin.php endpoint. As a temporary workaround, restrict access to this endpoint to minimize the risk of exploitation.
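The token validation recommended above, written as an added example for an admin-creation AJAX handler; this is not Photography CMS code, and the session keys, field names and function names are assumptions:

```php
<?php
// Added example (not Photography CMS code): CSRF protection for an
// "add admin" AJAX endpoint. Session keys and field names are assumed.
declare(strict_types=1);

session_start();

// One random token per session; the admin page embeds it as a hidden
// field or passes it to the JavaScript that calls the endpoint.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Constant-time comparison; a missing or wrong token fails closed.
function csrf_token_is_valid(?string $submitted): bool
{
    if ($submitted === null || empty($_SESSION['csrf_token'])) {
        return false;
    }
    return hash_equals($_SESSION['csrf_token'], $submitted);
}

// Returns true only for a POST from a logged-in admin carrying a valid
// token; otherwise emits a JSON error and returns false. The caller
// creates the account only when this returns true.
function authorize_new_admin_request(): bool
{
    header('Content-Type: application/json');
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        http_response_code(405);
        echo json_encode(['error' => 'method not allowed']);
        return false;
    }
    if (empty($_SESSION['is_admin'])) {   // assumed session flag
        http_response_code(403);
        echo json_encode(['error' => 'admin login required']);
        return false;
    }
    if (!csrf_token_is_valid($_POST['csrf_token'] ?? null)) {
        http_response_code(403);
        echo json_encode(['error' => 'invalid CSRF token']);
        return false;
    }
    return true;
}
```

A forged cross-site request cannot read the session-bound token, so it fails the third check even when the victim's admin session cookie is sent along with it.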

Related Identifiers

CVE-2018-5969

Affected Products

Photography Cms