CVE-2019-16706 (kkcms)

kkcms v1.3 has a CSRF vulnerablity that can add an user account via admin/cms_user_add.php.
Source: NIST
CVE-2019-16706 (kkcms)