5 matches found
PT-2024-28352 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: The issue is related to a Cross-Site Request Forgery CSRF in idccms. It can be exploited via the "admin/info deal.php" endpoint with specific parameters mudi and nohrefStr. The mudi parameter is set to rev and...
CVE-2024-36549
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via /admin/vpsCompanydeal.php?mudi=rev&nohrefStr=close...
PT-2024-27067 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms. The issue is related to the /admin/vpsCompany deal.php endpoint, specifically with the parameters mudi and nohrefStr. Recommendations: For idcc...
CVE-2024-35561
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/cadeal.php?mudi=add&nohrefStr=close...
PT-2024-26291 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component "/admin/infoType deal.php" with parameters mudi and nohrefStr. This allows for unauthorized requests. Recommendations: For idccms version...