Albert5888

**Name of the Vulnerable Software and Affected Versions** Shopxian CMS version 3.0.0 **Description** A CSRF issue allows deletion of a specified column via the "index.php/contents-admin cat-finderdel-model-ContentsCat.html" endpoint, specifically when the `id` parameter is set to 17. **Recommendations** For Shopxian CMS version 3.0.0, as a temporary workaround, consider restricting access to the "index.php/contents-admin cat-finderdel-model-ContentsCat.html" endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.