Tgrbirdflying

**Name of the Vulnerable Software and Affected Versions** pramodmahato BlogCMS through 2019-12-31 **Description** The issue concerns a CSRF vulnerability in the admin/changepass.php endpoint. This allows for potential unauthorized password changes. **Recommendations** For pramodmahato BlogCMS through 2019-12-31, consider implementing CSRF protection mechanisms, such as tokens, to prevent unauthorized changes to the admin password. As a temporary workaround, restrict access to the "admin/changepass.php" endpoint until a proper fix is applied.