CVE-2018-7176

FrontAccounting 2.4.3 suffers from a CSRF flaw, which leads to adding a user account via admin/users.php (aka the "add user" feature of the User Permissions page).

Date published : 2018-02-15

https://www.exploit-db.com/exploits/44137/

https://securitywarrior9.blogspot.in/2018/02/cross-site-request-forgery-front.html