EUVD-2025-147327

Malicious code in uaragia-mudi-syuf npm...

CVE-2023-24261

A vulnerability in GL.iNET GL-E750 Mudi before firmware v3.216 allows authenticated attackers to execute arbitrary code via a crafted POST request...

PT-2024-28813 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms. The vulnerability can be exploited via the "/admin/serverFile deal.php" endpoint, specifically when the mudi parameter is set to "upFileDel" an...

PT-2024-28765 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This vulnerability can be exploited via the "/admin/userScore deal.php" endpoint, specifically when the mudi parameter is set to "rev"...

PT-2024-28761 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms. The issue is related to the "/admin/userLevel deal.php" API endpoint, specifically with the mudi parameter when set to "del". This allows for...

PT-2024-28764 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was found in idccms. The issue is related to the "/admin/userScore deal.php" API endpoint, specifically with the mudi parameter set to "del". This allows for unauthorize...

PT-2024-28762 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms. The issue is related to the "/admin/userLevel deal.php?mudi=add" endpoint. This allows for potentially malicious requests to be made without th...

CVE-2024-40034

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/userLeveldeal.php?mudi=del...

CVE-2024-40038

CVE-2024-40038 affects idccms v1.35. A CSRF vulnerability exists via the endpoint "/admin/userScore_deal.php?mudi=rev". The CVSS 3.1 base score is 5.3 (Medium) with local attack vector, low impact on confidentiality, integrity, and availability, and user interaction required. Impact and root caus...

CVE-2024-39019

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/idcProDatadeal.php?mudi=del...

PT-2024-28329 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms. The vulnerability can be exploited via the "/admin/idcProData deal.php" endpoint, specifically when the mudi parameter is set to "del". This...

PT-2024-28352 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in idccms. It can be exploited via the "admin/info deal.php" endpoint with specific parameters mudi and nohrefStr. The mudi parameter is set to rev and...

CVE-2024-39156

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/keyWorddeal.php?mudi=add...

PT-2024-28368 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF that affects the /admin/keyWord deal.php component when the mudi parameter is set to add. This allows for unauthorized requests to be made on behalf of...

PT-2024-28367 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in the /admin/ipRecord deal.php component when the mudi parameter is set to add. This allows for unauthorized actions to be performed. Recommendations:...

CVE-2024-36669

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component admin/typedeal.php?mudi=add...

PT-2024-27114 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component "admin/vpsClass deal.php?mudi=del". This issue allows for unauthorized requests to be made on behalf of the user. Recommendations: For...

PT-2024-27112 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in the admin/type deal.php component, specifically when the mudi parameter is set to add. This allows for unauthorized requests to be made on behalf of...

CVE-2024-36549

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via /admin/vpsCompanydeal.php?mudi=rev&nohrefStr=close...

PT-2024-27065 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF that was discovered in idccms. This CSRF is via the component "admin/vpsClass deal.php?mudi=add". Recommendations: For idccms version 1.35, as a...