WTCMS 1.0 allows index.php?g=admin&m=index&a=index CSRF with resultant XSS.Referenceshttp://www.iwantacve.cn/index.php/archives/344/
