{"id":"CVE-2018-13040","details":"OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can add an account (at the admin level) via the index.php/man_user/insert URI.","modified":"2026-04-10T04:07:13.828964Z","published":"2018-07-01T18:29:00.363Z","references":[{"type":"EVIDENCE","url":"https://github.com/OpenSID/OpenSID/issues/1176"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/opensid/opensid","events":[{"introduced":"0"},{"last_affected":"29ad02281e5c420a4a0f944e3808ec55e1189d6b"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"18.06-pasca"}]}}],"versions":["v.1.2.1","v0.1","v0.10","v0.2","v0.3","v0.3.1","v0.4","v0.4.1","v0.5","v0.5.1","v0.5.2","v0.6","v0.6.1","v0.6.2","v0.6.3","v0.7","v0.7.1","v0.7.2","v0.8","v0.8.1","v0.8.2","v0.9.1","v0.9.2","v1.0","v1.1","v1.1.1","v1.10","v1.11","v1.11.1","v1.12","v1.13","v1.14","v1.15","v1.16","v1.17","v1.2","v1.2.2","v1.2.3","v1.2.4","v1.3","v1.4","v1.5","v1.5.1","v1.6","v1.7","v1.8","v1.9","v1.9.1","v18.06","v2.0","v2.1","v2.10","v2.11","v2.12","v2.2","v2.3","v2.4","v2.5","v2.5.1","v2.6","v2.7","v2.8","v2.9","v9.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-13040.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}