idcCMS
Products
1- 59 CVEs
Recent CVEs
59| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-11587 | 0.00 | — | 0.01 | Nov 21, 2024 | A vulnerability was found in idcCMS 1.60. It has been classified as problematic. This affects the function GetCityOptionJs of the file /inc/classProvCity.php. The manipulation of the argument idName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||
| CVE-2024-40334 | 0.00 | — | 0.00 | Jul 10, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/serverFile_deal.php?mudi=upFileDel&dataID=3 | |||
| CVE-2024-40333 | 0.00 | — | 0.00 | Jul 10, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=del&dataID=2 | |||
| CVE-2024-40332 | 0.00 | — | 0.00 | Jul 10, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/moneyRecord_deal.php?mudi=delRecord | |||
| CVE-2024-40336 | 0.00 | — | 0.00 | Jul 10, 2024 | idccms v1.35 is vulnerable to Cross Site Scripting (XSS) within the 'Image Advertising Management.' | |||
| CVE-2024-40328 | 0.00 | — | 0.00 | Jul 10, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/memberOnline_deal.php?mudi=del&dataType=&dataID=6 | |||
| CVE-2024-40329 | 0.00 | — | 0.00 | Jul 10, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=backup | |||
| CVE-2024-40331 | 0.00 | — | 0.00 | Jul 10, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/dbBakMySQL_deal.php?mudi=backup | |||
| CVE-2024-40036 | 0.00 | — | 0.00 | Jul 9, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userGroup_deal.php?mudi=add&nohrefStr=close | |||
| CVE-2024-40035 | 0.00 | — | 0.00 | Jul 9, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userLevel_deal.php?mudi=add. | |||
| CVE-2024-40038 | 0.00 | — | 0.00 | Jul 9, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userScore_deal.php?mudi=rev | |||
| CVE-2024-40037 | 0.00 | — | 0.00 | Jul 9, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userScore_deal.php?mudi=del | |||
| CVE-2024-40039 | 0.00 | — | 0.00 | Jul 9, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userGroup_deal.php?mudi=del | |||
| CVE-2024-40034 | 0.00 | — | 0.00 | Jul 9, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userLevel_deal.php?mudi=del | |||
| CVE-2024-39019 | 0.00 | — | 0.00 | Jul 5, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/idcProData_deal.php?mudi=del | |||
| CVE-2024-39023 | 0.00 | — | 0.00 | Jul 5, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via admin/info_deal.php?mudi=add&nohrefStr=close | |||
| CVE-2024-39020 | 0.00 | — | 0.00 | Jul 5, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/vpsApiData_deal.php?mudi=rev&nohrefStr=close | |||
| CVE-2024-39022 | 0.00 | — | 0.00 | Jul 5, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/infoSys_deal.php?mudi=deal | |||
| CVE-2024-39021 | 0.00 | — | 0.00 | Jul 5, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApiData_deal.php?mudi=del | |||
| CVE-2024-39119 | 0.00 | — | 0.00 | Jul 2, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/info_deal.php?mudi=rev&nohrefStr=close. |
- CVE-2024-11587Nov 21, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in idcCMS 1.60. It has been classified as problematic. This affects the function GetCityOptionJs of the file /inc/classProvCity.php. The manipulation of the argument idName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
- CVE-2024-40334Jul 10, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/serverFile_deal.php?mudi=upFileDel&dataID=3
- CVE-2024-40333Jul 10, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=del&dataID=2
- CVE-2024-40332Jul 10, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/moneyRecord_deal.php?mudi=delRecord
- CVE-2024-40336Jul 10, 2024risk 0.00cvss —epss 0.00
idccms v1.35 is vulnerable to Cross Site Scripting (XSS) within the 'Image Advertising Management.'
- CVE-2024-40328Jul 10, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/memberOnline_deal.php?mudi=del&dataType=&dataID=6
- CVE-2024-40329Jul 10, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=backup
- CVE-2024-40331Jul 10, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/dbBakMySQL_deal.php?mudi=backup
- CVE-2024-40036Jul 9, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userGroup_deal.php?mudi=add&nohrefStr=close
- CVE-2024-40035Jul 9, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userLevel_deal.php?mudi=add.
- CVE-2024-40038Jul 9, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userScore_deal.php?mudi=rev
- CVE-2024-40037Jul 9, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userScore_deal.php?mudi=del
- CVE-2024-40039Jul 9, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userGroup_deal.php?mudi=del
- CVE-2024-40034Jul 9, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userLevel_deal.php?mudi=del
- CVE-2024-39019Jul 5, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/idcProData_deal.php?mudi=del
- CVE-2024-39023Jul 5, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via admin/info_deal.php?mudi=add&nohrefStr=close
- CVE-2024-39020Jul 5, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/vpsApiData_deal.php?mudi=rev&nohrefStr=close
- CVE-2024-39022Jul 5, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/infoSys_deal.php?mudi=deal
- CVE-2024-39021Jul 5, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApiData_deal.php?mudi=del
- CVE-2024-39119Jul 2, 2024risk 0.00cvss —epss 0.00
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/info_deal.php?mudi=rev&nohrefStr=close.