6 matches found
CVE-2024-39023
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via admin/infodeal.php?mudi=add&nohrefStr=close...
CVE-2024-39023
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via admin/infodeal.php?mudi=add&nohrefStr=close...
CVE-2024-39023
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via admin/infodeal.php?mudi=add&nohrefStr=close...
CVE-2024-39119
CVE-2024-39119 affects idccms v1.35, where a Cross‑Site Request Forgery (CSRF) is possible via admin/info_deal.php?mudi=rev&nohrefStr=close. The root cause is that requests from trusted users are not adequately verified, enabling an attacker to trick a victim into performing a sensitive operation...
CVE-2024-39153
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infodeal.php?mudi=del&dataType=news&dataTypeCN...
CVE-2024-39153
CVE-2024-39153 affects idccms v1.35 with a CSRF flaw in the admin component /admin/info_deal.php?mudi=del&dataType=news&dataTypeCN. The Root Cause is CSRF in that endpoint allowing unauthorized actions; impact is labeled low to moderate per CVSS 3.1 (base 4.7, MEDIUM) with low confidentiality/int...