Adive Framework 2.0.8 has admin/config CSRF to change the Administrator password.
https://www.exploit-db.com/exploits/47946
https://github.com/ferdinandmartin/adive-php7/blob/master/README.md
http://packetstormsecurity.com/files/156106/Adive-Framework-2.0.8-Cross-Site-Request-Forgery.html