3 matches found
CVE-2024-35108
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/homeProdeal.php?mudi=del&dataType=&dataTypeCN...
CVE-2024-35108
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/homeProdeal.php?mudi=del&dataType=&dataTypeCN...
CVE-2024-35108
CVE-2024-35108 affects idccms v1.35, with a CSRF flaw exploitable via the admin path /admin/homePro_deal.php?mudi=del&dataType=&dataTypeCN. The issue originates from a vulnerable component handling parameters mudi, dataType, and dataTypeCN in the admin module, enabling unauthorized requests. The ...