2 matches found
CVE-2024-40034
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/userLeveldeal.php?mudi=del...
CVE-2024-40034
CVE-2024-40034 : A Cross-Site Request Forgery (CSRF) vulnerability affects idccms v1.35, exploitable via the /admin/userLevel_deal.php?mudi=del endpoint. The issue enables unauthorized actions without authentication or with user interaction. CVSS v3.1 base metrics indicate high impact to confiden...