Description
Cross-site request forgery (CSRF) vulnerability in index.php in OpenCart 1.4 allows remote attackers to hijack the authentication of an application administrator for requests that create an administrative account via a POST request with the route parameter set to "user/user/insert." NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
MySQL CVE-2018-3278 Vulnerability (CVE-2018-3278)
PostgreSQL Other Vulnerability (CVE-2012-1618)
WordPress Plugin Backup and Staging by WP Time Capsule PHP Object Injection (1.21.9)
Oracle JRE CVE-2013-2425 Vulnerability (CVE-2013-2425)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4593)