Published on August 7th, 2020 📆 | 3624 Views ⚑0
All-Dynamics Digital Signage System 2.0.2 – Cross-Site Request Forgery (Add Admin)
# Exploit Title: All-Dynamics Digital Signage System 2.0.2 - Cross-Site Request Forgery (Add Admin) # Discovery by: LiquidWorm # Discovery Date: 2020-08-05 # Vendor Homepage: https://www.all-dynamics.de < !DOCTYPE html>
Grants the user the global administrative right. Administrative users are no longer under the control of the rights structure.
Global: Superior rolebased rights.