idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=add
github.com/da271133/cms/blob/main/32/csrf.md