Idccms

idccms

53 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (53)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-35039 1Idccms 1Idccms Jun 17, 2026 May 16, 2024 N/A· v4 3.8 LOW· v3 N/A· v2 idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/tplSys_deal.php?mudi=area.
CVE-2024-34958 1Idccms 1Idccms Jun 17, 2026 May 16, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/banner_deal.php?mudi=add
CVE-2024-34957 1Idccms 1Idccms Jun 17, 2026 May 16, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/sysImages_deal.php?mudi=infoSet.
CVE-2024-35109 1Idccms 1Idccms Jun 17, 2026 May 15, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /homePro_deal.php?mudi=add&nohrefStr=close.
CVE-2024-35108 1Idccms 1Idccms Jun 17, 2026 May 15, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/homePro_deal.php?mudi=del&dataType=&dataTypeCN.
CVE-2024-35012 1Idccms 1Idccms Jun 17, 2026 May 14, 2024 N/A· v4 6.3 MEDIUM· v3 N/A· v2 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=add&nohrefStr=close.
CVE-2024-35011 1Idccms 1Idccms Jun 17, 2026 May 14, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=rev&nohrefStr=close.
CVE-2024-35010 1Idccms 1Idccms Jun 17, 2026 May 14, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/banner_deal.php?mudi=del&dataType=&dataTypeCN=%E5%9B%BE%E7%89%87%E5%B9%BF%E5%91%8A&theme=cs&dataID=6.
CVE-2024-35009 1Idccms 1Idccms Jun 17, 2026 May 14, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=&fieldName=state&fieldName2=state&tabName=banner&dataID=6.
CVE-2024-33830 1Idccms 1Idccms Jun 17, 2026 May 6, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/readDeal.php?mudi=clearWebCache.
CVE-2024-33829 1Idccms 1Idccms Jun 17, 2026 May 6, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/readDeal.php?mudi=updateWebCache.
CVE-2024-4172 1Idccms 1Idccms Jun 17, 2026 Apr 25, 2024 N/A· v4 4.3 MEDIUM· v3 5.0 MEDIUM· v2 A vulnerability classified as problematic was found in idcCMS 1.35. Affected by this vulnerability is an unknown functionality of the file /admin/admin_cl.php?mudi=revPwd. The manipulation leads to cross-site request for...Show more A vulnerability classified as problematic was found in idcCMS 1.35. Affected by this vulnerability is an unknown functionality of the file /admin/admin_cl.php?mudi=revPwd. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261991.Show less
CVE-2022-27333 1Idccms 1Idccms Jun 17, 2026 Mar 21, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 idcCMS v1.10 was discovered to contain an issue which allows attackers to arbitrarily delete the install.lock file, resulting in a reset of the CMS settings and data.