CVE-2018-16315

Name of the Vulnerable Software and Affected Versions waimai Super Cms version 20150505

Description The issue allows for a change in configuration via the admin.php?m=Config&a=add endpoint. This is achieved through a CSRF vulnerability, which can be exploited to modify settings without the user's knowledge or consent.

Recommendations For waimai Super Cms version 20150505, as a temporary workaround, consider restricting access to the admin.php?m=Config&a=add endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.