PT-2024-28333 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms. The vulnerability can be exploited via the "/admin/infoSys deal.php" endpoint, specifically when the mudi parameter is set to deal. This allows...

PT-2024-28368 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF that affects the /admin/keyWord deal.php component when the mudi parameter is set to add. This allows for unauthorized requests to be made on behalf of...

PT-2024-28367 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in the /admin/ipRecord deal.php component when the mudi parameter is set to add. This allows for unauthorized actions to be performed. Recommendations:...

CVE-2024-36669

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component admin/typedeal.php?mudi=add...

PT-2024-27112 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in the admin/type deal.php component, specifically when the mudi parameter is set to add. This allows for unauthorized requests to be made on behalf of...

CVE-2024-36547

idccms V1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component admin/vpsClassdeal.php?mudi=add...

PT-2024-27065 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF that was discovered in idccms. This CSRF is via the component "admin/vpsClass deal.php?mudi=add". Recommendations: For idccms version 1.35, as a...

PT-2024-27067 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms. The issue is related to the /admin/vpsCompany deal.php endpoint, specifically with the parameters mudi and nohrefStr. Recommendations: For idcc...

CVE-2024-35551

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoWebdeal.php?mudi=add...

PT-2024-26547 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in the /admin/ca deal.php component. The API Endpoint "/admin/ca deal.php" is vulnerable, specifically with parameters mudi=del and empty dataType and...

PT-2024-26320 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component "/admin/homePro deal.php" with parameters mudi, dataType, and dataTypeCN. This issue allows for unauthorized requests. Recommendations: F...

PT-2024-26288 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in the component /admin/share switch.php. This component is vulnerable due to the presence of certain parameters, including mudi, dataType, fieldName,...

CVE-2024-33830

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/readDeal.php?mudi=clearWebCache...

PT-2024-25500 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component /admin/readDeal.php?mudi=updateWebCache. This issue allows for potential exploitation. Recommendations: For idccms version 1.35, consider...

PT-2024-25501 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the /admin/readDeal.php component, specifically via the mudi parameter set to clearWebCache. This allows for unauthorized actions to be performed on...

CVE-2024-4172 idcCMS cross-site request forgery

A vulnerability classified as problematic was found in idcCMS 1.35. Affected by this vulnerability is an unknown functionality of the file /admin/admincl.php?mudi=revPwd. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to t...

CVE-2024-4172

CVE-2024-4172 affects idcCMS 1.35. The vulnerability involves an unknown functionality at /admin/admin_cl.php?mudi=revPwd that enables cross-site request forgery. The issue can be exploited remotely and the exploit has been disclosed publicly (VDB-261991). Multiple connected records corroborate t...