CVE-2019-7569

Name of the Vulnerable Software and Affected Versions doyocms version 2.3(20140425 update)

Description An issue was discovered that allows for a CSRF vulnerability, enabling the addition of a super administrator account via the "admin.php?c=a adminuser&a=add&run=1" endpoint. The c, a, and run variables are utilized in this process.

Recommendations For doyocms version 2.3(20140425 update), as a temporary workaround, consider restricting access to the "admin.php?c=a adminuser&a=add&run=1" endpoint to prevent potential exploitation. Additionally, avoid using the c, a, and run variables in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.