CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability was found in idcCMS 1.60. It has been classified as problematic. This affects the function GetCityOptionJs of the file /inc/classProvCity.php. The manipulation of the argument idName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has bee...

6.1CVSS6AI score0.01094EPSS

Exploits1References1

RedhatCVE•added 2025/02/14 5:19 a.m.•6 views

CVE-2024-36547

idccms V1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component admin/vpsClassdeal.php?mudi=add...

8.8CVSS7.5AI score0.00133EPSS

Exploits1References3

RedhatCVE•added 2025/02/14 5:16 a.m.•6 views

CVE-2024-36670

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component admin/vpsClassdeal.php?mudi=del...

8.8CVSS7.5AI score0.00144EPSS

Exploits1References3

RedhatCVE•added 2025/02/14 1:19 a.m.•6 views

CVE-2024-35551

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoWebdeal.php?mudi=add...

4.3CVSS7.5AI score0.00105EPSS

Exploits1References3

RedhatCVE•added 2025/02/14 12:37 a.m.•10 views

CVE-2024-35553

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoMovedeal.php?mudi=add=close...

8.3CVSS7.5AI score0.00139EPSS

Exploits1References3

RedhatCVE•added 2025/02/13 11:47 p.m.•7 views

CVE-2024-35557

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/vpsApideal.php?mudi=rev=close...

5.5CVSS7.5AI score0.00135EPSS

Exploits1References3

OSV•added 2024/07/10 1:15 p.m.•1 views

CVE-2024-40328

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/memberOnlinedeal.php?mudi=del&dataType=&dataID=6...

6.3CVSS5.8AI score

Exploits0References1

OSV•added 2024/07/10 1:15 p.m.•1 views

CVE-2024-40333

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/softBakdeal.php?mudi=del&dataID=2...

8.8CVSS5.8AI score

Exploits0References1

OSV•added 2024/07/09 7:15 p.m.•0 views

CVE-2024-40035

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/userLeveldeal.php?mudi=add...

5.9CVSS5.8AI score

Exploits0References1

Positive Technologies•added 2024/07/09 12:0 a.m.•2 views

PT-2024-28765 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This vulnerability can be exploited via the "/admin/userScore deal.php" endpoint, specifically when the mudi parameter is set to "rev"...

5.3CVSS6.9AI score0.00102EPSS

Exploits1References6

OSV•added 2024/07/05 7:15 p.m.•1 views

CVE-2024-39023

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via admin/infodeal.php?mudi=add&nohrefStr=close...

8.8CVSS5.8AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by