Total
52 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-35557 | 1 Idccms | 1 Idccms | 2025-04-09 | N/A | 5.5 MEDIUM |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApi_deal.php?mudi=rev&nohrefStr=close. | |||||
| CVE-2024-35558 | 1 Idccms | 1 Idccms | 2025-04-09 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=rev&nohrefStr=close. | |||||
| CVE-2024-35559 | 1 Idccms | 1 Idccms | 2025-04-09 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=rev&nohrefStr=close. | |||||
| CVE-2024-35560 | 1 Idccms | 1 Idccms | 2025-04-09 | N/A | 4.3 MEDIUM |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=del&dataType=&dataTypeCN. | |||||
| CVE-2024-35561 | 1 Idccms | 1 Idccms | 2025-04-09 | N/A | 5.4 MEDIUM |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=add&nohrefStr=close. | |||||
| CVE-2024-11587 | 1 Idccms | 1 Idccms | 2024-11-22 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was found in idcCMS 1.60. It has been classified as problematic. This affects the function GetCityOptionJs of the file /inc/classProvCity.php. The manipulation of the argument idName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-40334 | 1 Idccms | 1 Idccms | 2024-11-21 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/serverFile_deal.php?mudi=upFileDel&dataID=3 | |||||
| CVE-2024-40332 | 1 Idccms | 1 Idccms | 2024-11-21 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/moneyRecord_deal.php?mudi=delRecord | |||||
| CVE-2024-36550 | 1 Idccms | 1 Idccms | 2024-11-21 | N/A | 8.8 HIGH |
| idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=add&nohrefStr=close | |||||
| CVE-2024-36549 | 1 Idccms | 1 Idccms | 2024-11-21 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=rev&nohrefStr=close | |||||
| CVE-2024-36548 | 1 Idccms | 1 Idccms | 2024-11-21 | N/A | 8.8 HIGH |
| idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/vpsCompany_deal.php?mudi=del | |||||
| CVE-2024-36547 | 1 Idccms | 1 Idccms | 2024-11-21 | N/A | 8.8 HIGH |
| idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=add | |||||