An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=edit_info&act_type=add.Referenceshttp://www.iwantacve.cn/index.php/archives/109/https://www.exploit-db.com/exploits/46149/
