Idccms Security Vulnerabilities and Issues — Idccms CVE List

Lucene search

IdccmsIdccms

10 matches found

CVE•added 2024/05/22 2:15 p.m.•63 views

CVE-2024-35550

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=rev.

6.3CVSS7.4AI score0.00067EPSS

CVE•added 2024/05/16 3:15 p.m.•48 views

CVE-2024-34958

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/banner_deal.php?mudi=add

6.5CVSS7.4AI score0.02743EPSS

CVE•added 2024/05/22 2:15 p.m.•44 views

CVE-2024-35555

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=newsWeb&fieldName=state&fieldName2=state&tabName=infoWeb&dataID=40.

6.3CVSS7.4AI score0.001EPSS

CVE•added 2024/07/10 1:15 p.m.•43 views

CVE-2024-40328

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/memberOnline_deal.php?mudi=del&dataType=&dataID=6

6.3CVSS7.2AI score0.00057EPSS

CVE•added 2024/07/05 7:15 p.m.•42 views

CVE-2024-39020

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/vpsApiData_deal.php?mudi=rev&nohrefStr=close

6.3CVSS7.6AI score0.00057EPSS

CVE•added 2024/05/14 4:17 p.m.•41 views

CVE-2024-35012

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=add&nohrefStr=close.

6.3CVSS7.4AI score0.00157EPSS

CVE•added 2024/06/27 2:15 p.m.•41 views

CVE-2024-39155

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ipRecord_deal.php?mudi=add.

6.8CVSS7.6AI score0.00066EPSS

CVE•added 2024/07/10 2:15 p.m.•40 views

CVE-2024-40336

idccms v1.35 is vulnerable to Cross Site Scripting (XSS) within the 'Image Advertising Management.'

6.1CVSS6.1AI score0.00027EPSS

CVE•added 2024/11/21 1:15 p.m.•38 views

CVE-2024-11587

A vulnerability was found in idcCMS 1.60. It has been classified as problematic. This affects the function GetCityOptionJs of the file /inc/classProvCity.php. The manipulation of the argument idName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been ...

6.1CVSS4.1AI score0.00306EPSS

CVE•added 2024/05/15 2:15 a.m.•22 views

CVE-2024-35109

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /homePro_deal.php?mudi=add&nohrefStr=close.

6.5CVSS7.4AI score0.0005EPSS