Idccms CVEs and Security Vulnerabilities

Filtered by vendor Idccms Subscriptions

Filtered by product Idccms Subscriptions

Search

Switch to Advanced Search (Beta)

Total 11 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-36550	1 Idccms	1 Idccms	2025-02-13	8.8 High
idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=add&nohrefStr=close
CVE-2024-36549	1 Idccms	1 Idccms	2025-02-13	8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=rev&nohrefStr=close
CVE-2024-36548	2 Idccms, Idccms Project	2 Idccms, Idccms	2025-02-13	5.4 Medium
idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/vpsCompany_deal.php?mudi=del
CVE-2024-36547	1 Idccms	1 Idccms	2025-02-13	8.8 High
idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=add
CVE-2024-35556	1 Idccms	1 Idccms	2025-02-13	8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsSys_deal.php?mudi=infoSet.
CVE-2024-35553	1 Idccms	1 Idccms	2025-02-13	8.3 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=add&nohrefStr=close.
CVE-2024-35552	1 Idccms	1 Idccms	2025-02-13	8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=del&dataType=logo&dataTypeCN.
CVE-2024-35010	1 Idccms	1 Idccms	2025-02-13	8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/banner_deal.php?mudi=del&dataType=&dataTypeCN=%E5%9B%BE%E7%89%87%E5%B9%BF%E5%91%8A&theme=cs&dataID=6.
CVE-2024-11587	1 Idccms	1 Idccms	2024-11-22	3.5 Low
A vulnerability was found in idcCMS 1.60. It has been classified as problematic. This affects the function GetCityOptionJs of the file /inc/classProvCity.php. The manipulation of the argument idName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-40334	2 Idccms, Idccms Project	2 Idccms, Idccms	2024-11-21	8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/serverFile_deal.php?mudi=upFileDel&dataID=3
CVE-2024-40332	2 Idccms, Idccms Project	2 Idccms, Idccms	2024-11-21	6.8 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/moneyRecord_deal.php?mudi=delRecord

Page 1 of 1.