{"id":"CVE-2019-9549","details":"An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-admin/route.php?mod=user&act=addnew URI, as demonstrated by adding a level=1 account, a similar issue to CVE-2018-18935.","modified":"2026-04-11T20:27:30.295579Z","published":"2019-03-03T19:29:00.260Z","references":[{"type":"EVIDENCE","url":"https://github.com/PopojiCMS/PopojiCMS/issues/17"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/popojicms/popojicms","events":[{"introduced":"0"},{"last_affected":"07c36e2c8f2ecf27015d838d607db692385b53da"}],"database_specific":{"cpe":"cpe:2.3:a:popojicms:popojicms:2.0.1:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"2.0.1"}],"source":"CPE_FIELD"}}],"versions":["v2.0.0","v2.0.1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-9549.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}