Lucene search

CVE-2024-39020

🗓️ 05 Jul 2024 19:09:15Reported by mitreType

cve🔗 web.nvd.nist.gov👁 40 Views🌐 WEB

idccms v1.35 CSRF vulnerability in /admin/vpsApiData_deal.ph

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
Vulnrichment	CVE-2024-39020	5 Jul 202400:00	–	vulnrichment
Cvelist	CVE-2024-39020	5 Jul 202400:00	–	cvelist
RedhatCVE	CVE-2024-39020	23 May 202510:09	–	redhatcve
NVD	CVE-2024-39020	5 Jul 202419:15	–	nvd

Nvd

Vulnrichment

Node

idccms idccmsMatch1.35

Source	Link
github	www.github.com/da271133/cms2/blob/main/46/csrf.md

Parameter	Position	Path	Description	CWE
mudi	query param	/admin/vpsApiData_deal.php	Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to perform unauthorized actions.	CWE-352
nohrefStr	query param	/admin/vpsApiData_deal.php	Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to perform unauthorized actions.	CWE-352

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Jul 2024 19:15Current

7.6High risk

Vulners AI Score7.6

CVSS36.3

EPSS0.00057

SSVC

CWE-352