CVE-2019-16721 (nonecms)

NoneCMS v1.3 has CSRF in public/index.php/admin/admin/dele.html, as demonstrated by deleting the admin user.
Source: NIST
CVE-2019-16721 (nonecms)