Filtered by vendor Idccms
Subscribe
Total
53 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-4172 | 1 Idccms | 1 Idccms | 2025-10-15 | 5.0 MEDIUM | 4.3 MEDIUM |
|
A vulnerability classified as problematic was found in idcCMS 1.35. Affected by this vulnerability is an unknown functionality of the file /admin/admin_cl.php?mudi=revPwd. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261991.
|
|||||
| CVE-2022-27333 | 1 Idccms | 1 Idccms | 2025-04-22 | 5.0 MEDIUM | 7.5 HIGH |
|
idcCMS v1.10 was discovered to contain an issue which allows attackers to arbitrarily delete the install.lock file, resulting in a reset of the CMS settings and data.
|
|||||
| CVE-2024-34957 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 5.4 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/sysImages_deal.php?mudi=infoSet.
|
|||||
| CVE-2024-34958 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 6.5 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/banner_deal.php?mudi=add
|
|||||
| CVE-2024-35011 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 5.4 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=rev&nohrefStr=close.
|
|||||
| CVE-2024-35012 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 6.3 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=add&nohrefStr=close.
|
|||||
| CVE-2024-35039 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 3.8 LOW |
|
idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/tplSys_deal.php?mudi=area.
|
|||||
| CVE-2024-35108 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/homePro_deal.php?mudi=del&dataType=&dataTypeCN.
|
|||||
| CVE-2024-35109 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 6.5 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /homePro_deal.php?mudi=add&nohrefStr=close.
|
|||||
| CVE-2024-36670 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=del
|
|||||
| CVE-2024-39019 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 5.4 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/idcProData_deal.php?mudi=del
|
|||||
| CVE-2024-39020 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 6.3 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/vpsApiData_deal.php?mudi=rev&nohrefStr=close
|
|||||
| CVE-2024-39021 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 5.4 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApiData_deal.php?mudi=del
|
|||||
| CVE-2024-39022 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/infoSys_deal.php?mudi=deal
|
|||||
| CVE-2024-39023 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via admin/info_deal.php?mudi=add&nohrefStr=close
|
|||||
| CVE-2024-39119 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 5.4 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/info_deal.php?mudi=rev&nohrefStr=close.
|
|||||
| CVE-2024-39153 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 4.7 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/info_deal.php?mudi=del&dataType=news&dataTypeCN.
|
|||||
| CVE-2024-39154 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/keyWord_deal.php?mudi=del&dataType=word&dataTypeCN.
|
|||||
| CVE-2024-39155 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 6.8 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ipRecord_deal.php?mudi=add.
|
|||||
| CVE-2024-39156 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 3.8 LOW |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/keyWord_deal.php?mudi=add.
|
|||||
| CVE-2024-39157 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 3.8 LOW |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ipRecord_deal.php?mudi=del&dataType=&dataID=1.
|
|||||
| CVE-2024-39158 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/userSys_deal.php?mudi=infoSet.
|
|||||
| CVE-2024-40035 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 5.9 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userLevel_deal.php?mudi=add.
|
|||||
| CVE-2024-40036 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userGroup_deal.php?mudi=add&nohrefStr=close
|
|||||
| CVE-2024-40038 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 5.3 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userScore_deal.php?mudi=rev
|
|||||
| CVE-2024-40328 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 6.3 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/memberOnline_deal.php?mudi=del&dataType=&dataID=6
|
|||||
| CVE-2024-40329 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=backup
|
|||||
| CVE-2024-40331 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/dbBakMySQL_deal.php?mudi=backup
|
|||||
| CVE-2024-40333 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=del&dataID=2
|
|||||
| CVE-2024-40336 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 6.1 MEDIUM |
|
idccms v1.35 is vulnerable to Cross Site Scripting (XSS) within the 'Image Advertising Management.'
|
|||||
| CVE-2024-33829 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 5.4 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/readDeal.php?mudi=updateWebCache.
|
|||||
| CVE-2024-35010 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/banner_deal.php?mudi=del&dataType=&dataTypeCN=%E5%9B%BE%E7%89%87%E5%B9%BF%E5%91%8A&theme=cs&dataID=6.
|
|||||
| CVE-2024-35009 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=&fieldName=state&fieldName2=state&tabName=banner&dataID=6.
|
|||||
| CVE-2024-33830 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.1 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/readDeal.php?mudi=clearWebCache.
|
|||||
| CVE-2024-35550 | 1 Idccms | 1 Idccms | 2025-04-09 | N/A | 6.3 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=rev.
|
|||||
| CVE-2024-35551 | 1 Idccms | 1 Idccms | 2025-04-09 | N/A | 4.3 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=add.
|
|||||
| CVE-2024-35552 | 1 Idccms | 1 Idccms | 2025-04-09 | N/A | 8.8 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=del&dataType=logo&dataTypeCN.
|
|||||
| CVE-2024-35553 | 1 Idccms | 1 Idccms | 2025-04-09 | N/A | 8.3 HIGH |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=add&nohrefStr=close.
|
|||||
| CVE-2024-35554 | 1 Idccms | 1 Idccms | 2025-04-09 | N/A | 5.4 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=del&dataType=newsWeb&dataTypeCN.
|
|||||
| CVE-2024-35555 | 1 Idccms | 1 Idccms | 2025-04-09 | N/A | 6.3 MEDIUM |
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=newsWeb&fieldName=state&fieldName2=state&tabName=infoWeb&dataID=40.
|
|||||