Exploit/Advisories
Published on August 7th, 2020 📆 | 7593 Views ⚑
0All-Dynamics Digital Signage System 2.0.2 – Cross-Site Request Forgery (Add Admin)
# Exploit Title: All-Dynamics Digital Signage System 2.0.2 - Cross-Site Request Forgery (Add Admin)
# Discovery by: LiquidWorm
# Discovery Date: 2020-08-05
# Vendor Homepage: https://www.all-dynamics.de
< !DOCTYPE html>
Grants the user the global administrative right. Administrative users are no longer under the control of the rights structure.
Global: Superior rolebased rights.
Gloss