2 matches found
CVE-2024-35554
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/infoWebdeal.php?mudi=del&dataType=newsWeb&dataTypeCN...
CVE-2024-35551
CVE-2024-35551 affects idccms v1.35 and is a Cross-Site Request Forgery (CSRF) vulnerability in the endpoint /admin/infoWeb_deal.php?mudi=add. Red Hat and NVD entries corroborate the issue; PT-Security adds a practical workaround: restrict access to that endpoint and avoid using the mudi paramete...