Idccms Security Vulnerabilities and Issues — Idccms CVE List

Lucene search

IdccmsIdccms

52 matches found

CVE•added 2024/05/22 2:15 p.m.•5851 views

CVE-2024-35554

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=del&dataType=newsWeb&dataTypeCN.

5.4CVSS7.4AI score0.00186EPSS

Web

CVE•added 2024/05/22 2:15 p.m.•5759 views

CVE-2024-35560

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=del&dataType=&dataTypeCN.

4.3CVSS7.4AI score0.00191EPSS

Web

CVE•added 2024/05/16 3:15 p.m.•74 views

CVE-2024-35039

idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/tplSys_deal.php?mudi=area.

3.8CVSS7.4AI score0.00141EPSS

Web

CVE•added 2024/05/16 3:15 p.m.•70 views

CVE-2024-34957

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/sysImages_deal.php?mudi=infoSet.

5.4CVSS7.4AI score0.00323EPSS

Web

CVE•added 2024/06/05 7:15 p.m.•70 views

CVE-2024-36670

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=del

8.8CVSS7.4AI score0.00111EPSS

Web

CVE•added 2022/03/21 10:15 p.m.•69 views

CVE-2022-27333

idcCMS v1.10 was discovered to contain an issue which allows attackers to arbitrarily delete the install.lock file, resulting in a reset of the CMS settings and data.

7.5CVSS7.5AI score0.00188EPSS

CVE•added 2024/05/14 4:17 p.m.•68 views

CVE-2024-35009

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=&fieldName=state&fieldName2=state&tabName=banner&dataID=6.

8.8CVSS7.4AI score0.00337EPSS

Web

CVE•added 2024/05/22 2:15 p.m.•68 views

CVE-2024-35551

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=add.

4.3CVSS7.4AI score0.00125EPSS

Web

CVE•added 2024/05/14 4:17 p.m.•67 views

CVE-2024-35011

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=rev&nohrefStr=close.

5.4CVSS7.4AI score0.00266EPSS

Web

CVE•added 2024/05/22 2:15 p.m.•66 views

CVE-2024-35553

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=add&nohrefStr=close.

8.3CVSS7.8AI score0.00102EPSS

Web

CVE•added 2024/05/22 2:15 p.m.•66 views

CVE-2024-35556

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsSys_deal.php?mudi=infoSet.

8.8CVSS7.8AI score0.00208EPSS

Web

CVE•added 2024/05/22 2:15 p.m.•65 views

CVE-2024-35550

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=rev.

6.3CVSS7.4AI score0.00067EPSS

Web

CVE•added 2024/05/22 2:15 p.m.•64 views

CVE-2024-35552

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=del&dataType=logo&dataTypeCN.

8.8CVSS7.4AI score0.00233EPSS

Web

CVE•added 2024/05/22 2:15 p.m.•64 views

CVE-2024-35561

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=add&nohrefStr=close.

5.4CVSS7.8AI score0.00168EPSS

Web

CVE•added 2024/05/14 4:17 p.m.•62 views

CVE-2024-35010

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/banner_deal.php?mudi=del&dataType=&dataTypeCN=%E5%9B%BE%E7%89%87%E5%B9%BF%E5%91%8A&theme=cs&dataID=6.

8.8CVSS7.4AI score0.00337EPSS

Web

CVE•added 2024/07/05 7:15 p.m.•60 views

CVE-2024-39021

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApiData_deal.php?mudi=del

5.4CVSS7.1AI score0.00091EPSS

Web

CVE•added 2024/06/27 2:15 p.m.•52 views

CVE-2024-39157

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ipRecord_deal.php?mudi=del&dataType=&dataID=1.

3.8CVSS7.6AI score0.00062EPSS

Web

CVE•added 2024/05/16 3:15 p.m.•51 views

CVE-2024-34958

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/banner_deal.php?mudi=add

6.5CVSS7.4AI score0.02076EPSS

Web

CVE•added 2024/05/22 2:15 p.m.•51 views

CVE-2024-35557

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApi_deal.php?mudi=rev&nohrefStr=close.

5.5CVSS7.4AI score0.001EPSS

Web

CVE•added 2024/06/27 2:15 p.m.•50 views

CVE-2024-39156

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/keyWord_deal.php?mudi=add.

3.8CVSS7.6AI score0.00062EPSS

Web

CVE•added 2024/06/04 3:15 p.m.•47 views

CVE-2024-36547

idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=add

8.8CVSS7.8AI score0.00117EPSS

Web

CVE•added 2024/06/27 2:15 p.m.•47 views

CVE-2024-39153

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/info_deal.php?mudi=del&dataType=news&dataTypeCN.

4.7CVSS7.6AI score0.00045EPSS

Web

CVE•added 2024/11/21 1:15 p.m.•46 views

CVE-2024-11587

A vulnerability was found in idcCMS 1.60. It has been classified as problematic. This affects the function GetCityOptionJs of the file /inc/classProvCity.php. The manipulation of the argument idName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been ...

6.1CVSS4.1AI score0.00114EPSS

Web

CVE•added 2024/05/06 1:15 p.m.•46 views

CVE-2024-33830

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/readDeal.php?mudi=clearWebCache.

8.1CVSS7.4AI score0.00175EPSS

Web

CVE•added 2024/05/22 2:15 p.m.•46 views

CVE-2024-35558

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=rev&nohrefStr=close.

8.8CVSS7.4AI score0.00214EPSS

Web

CVE•added 2024/05/22 2:15 p.m.•46 views

CVE-2024-35559

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=rev&nohrefStr=close.

8.8CVSS7.4AI score0.00208EPSS

Web

CVE•added 2024/05/22 2:15 p.m.•45 views

CVE-2024-35555

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=newsWeb&fieldName=state&fieldName2=state&tabName=infoWeb&dataID=40.

6.3CVSS7.4AI score0.001EPSS

Web

CVE•added 2024/06/04 3:15 p.m.•45 views

CVE-2024-36548

idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/vpsCompany_deal.php?mudi=del

8.8CVSS7.8AI score0.00122EPSS

Web

CVE•added 2024/07/10 1:15 p.m.•45 views

CVE-2024-40328

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/memberOnline_deal.php?mudi=del&dataType=&dataID=6

6.3CVSS7.2AI score0.00147EPSS

Web

CVE•added 2024/06/04 3:15 p.m.•44 views

CVE-2024-36549

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=rev&nohrefStr=close

8.8CVSS7.8AI score0.00135EPSS

Web

CVE•added 2024/05/14 4:17 p.m.•43 views

CVE-2024-35012

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=add&nohrefStr=close.

6.3CVSS7.4AI score0.00157EPSS

Web

CVE•added 2024/07/05 7:15 p.m.•43 views

CVE-2024-39019

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/idcProData_deal.php?mudi=del

5.4CVSS7.6AI score0.00097EPSS

Web

CVE•added 2024/07/05 7:15 p.m.•43 views

CVE-2024-39020

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/vpsApiData_deal.php?mudi=rev&nohrefStr=close

6.3CVSS7.6AI score0.0007EPSS

Web

CVE•added 2024/06/27 2:15 p.m.•43 views

CVE-2024-39155

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ipRecord_deal.php?mudi=add.

6.8CVSS7.6AI score0.00071EPSS

Web

CVE•added 2024/05/06 1:15 p.m.•42 views

CVE-2024-33829

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/readDeal.php?mudi=updateWebCache.

5.4CVSS7.4AI score0.0011EPSS

Web

CVE•added 2024/07/05 7:15 p.m.•42 views

CVE-2024-39023

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via admin/info_deal.php?mudi=add&nohrefStr=close

8.8CVSS7.6AI score0.00112EPSS

Web

CVE•added 2024/06/04 3:15 p.m.•41 views

CVE-2024-36550

idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=add&nohrefStr=close

8.8CVSS7.8AI score0.00128EPSS

Web

CVE•added 2024/07/05 7:15 p.m.•41 views

CVE-2024-39022

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/infoSys_deal.php?mudi=deal

8.8CVSS7.6AI score0.00112EPSS

Web

CVE•added 2024/06/27 2:15 p.m.•41 views

CVE-2024-39154

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/keyWord_deal.php?mudi=del&dataType=word&dataTypeCN.

8.8CVSS7.6AI score0.00103EPSS

Web

CVE•added 2024/07/10 2:15 p.m.•41 views

CVE-2024-40331

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/dbBakMySQL_deal.php?mudi=backup

8.8CVSS7.2AI score0.00128EPSS

Web

CVE•added 2024/07/10 1:15 p.m.•41 views

CVE-2024-40333

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=del&dataID=2

8.8CVSS7.2AI score0.00321EPSS

Web

CVE•added 2024/07/10 2:15 p.m.•41 views

CVE-2024-40336

idccms v1.35 is vulnerable to Cross Site Scripting (XSS) within the 'Image Advertising Management.'

6.1CVSS6.1AI score0.00072EPSS

CVE•added 2024/07/02 1:15 p.m.•40 views

CVE-2024-39119

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/info_deal.php?mudi=rev&nohrefStr=close.

5.4CVSS7.6AI score0.00124EPSS

Web

CVE•added 2024/07/10 1:15 p.m.•39 views

CVE-2024-40329

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=backup

8.8CVSS7.2AI score0.00235EPSS

Web

CVE•added 2024/07/09 7:15 p.m.•38 views

CVE-2024-40038

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userScore_deal.php?mudi=rev

5.3CVSS7.2AI score0.00075EPSS

Web

CVE•added 2024/06/27 2:15 p.m.•37 views

CVE-2024-39158

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/userSys_deal.php?mudi=infoSet.

8.8CVSS7.6AI score0.00146EPSS

Web

CVE•added 2024/07/09 7:15 p.m.•37 views

CVE-2024-40035

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userLevel_deal.php?mudi=add.

5.9CVSS7.6AI score0.00075EPSS

Web

CVE•added 2024/07/10 1:15 p.m.•37 views

CVE-2024-40334

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/serverFile_deal.php?mudi=upFileDel&dataID=3

8.8CVSS7.2AI score0.00235EPSS

Web

CVE•added 2024/07/10 2:15 p.m.•36 views

CVE-2024-40332

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/moneyRecord_deal.php?mudi=delRecord

8.8CVSS7.7AI score0.0005EPSS

Web

CVE•added 2024/07/09 7:15 p.m.•35 views

CVE-2024-40036

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userGroup_deal.php?mudi=add&nohrefStr=close

8.8CVSS7.2AI score0.00321EPSS

Web

Total number of security vulnerabilities52