Description
Cross-site request forgery (CSRF) vulnerability in index.php in OpenCart 1.4 allows remote attackers to hijack the authentication of an application administrator for requests that create an administrative account via a POST request with the route parameter set to "user/user/insert." NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
Joomla! Core 1.6.0 Spam (1.6.0)
WordPress Plugin WassUp Real Time Analytics Cross-Site Scripting (1.9)
WordPress Plugin Comment Attachment Cross-Site Scripting (1.5.5)
Microsoft SQL Server Other Vulnerability (CVE-2000-0485)
Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2024-41991)