17 matches found
PT-2024-28765 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This vulnerability can be exploited via the "/admin/userScore deal.php" endpoint, specifically when the mudi parameter is set to "rev"...
PT-2024-28764 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was found in idccms. The issue is related to the "/admin/userScore deal.php" API endpoint, specifically with the mudi parameter set to "del". This allows for unauthorize...
PT-2024-28761 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms. The issue is related to the "/admin/userLevel deal.php" API endpoint, specifically with the mudi parameter when set to "del". This allows for...
PT-2024-28762 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms. The issue is related to the "/admin/userLevel deal.php?mudi=add" endpoint. This allows for potentially malicious requests to be made without th...
PT-2024-28329 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms. The vulnerability can be exploited via the "/admin/idcProData deal.php" endpoint, specifically when the mudi parameter is set to "del". This...
PT-2024-28352 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in idccms. It can be exploited via the "admin/info deal.php" endpoint with specific parameters mudi and nohrefStr. The mudi parameter is set to rev and...
PT-2024-28368 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF that affects the /admin/keyWord deal.php component when the mudi parameter is set to add. This allows for unauthorized requests to be made on behalf of...
PT-2024-27114 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component "admin/vpsClass deal.php?mudi=del". This issue allows for unauthorized requests to be made on behalf of the user. Recommendations: For...
PT-2024-27112 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in the admin/type deal.php component, specifically when the mudi parameter is set to add. This allows for unauthorized requests to be made on behalf of...
PT-2024-27065 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF that was discovered in idccms. This CSRF is via the component "admin/vpsClass deal.php?mudi=add". Recommendations: For idccms version 1.35, as a...
PT-2024-27066 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF that was discovered in idccms. This CSRF is accessible via the "admin/vpsCompany deal.php?mudi=del" endpoint. Recommendations: For idccms version 1.35,...
PT-2024-27067 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms. The issue is related to the /admin/vpsCompany deal.php endpoint, specifically with the parameters mudi and nohrefStr. Recommendations: For idcc...
PT-2024-26272 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms via the component "admin/banner deal.php?mudi=add". This allows for potential unauthorized actions. Recommendations: For idccms version 1.35, as...
PT-2024-26321 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component "/homePro deal.php" with parameters mudi and nohrefStr. This allows for unauthorized requests to be made. Recommendations: For idccms...
PT-2024-26291 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component "/admin/infoType deal.php" with parameters mudi and nohrefStr. This allows for unauthorized requests. Recommendations: For idccms version...
PT-2024-26290 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in the /admin/banner deal.php component. The mudi, dataType, dataTypeCN, theme, and dataID parameters are involved. This allows for unauthorized action...
PT-2024-25501 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the /admin/readDeal.php component, specifically via the mudi parameter set to clearWebCache. This allows for unauthorized actions to be performed on...