VYPR
Vendor

idcCMS

Products
1
CVEs
60
Across products
60
Status
Private

Products

1

Recent CVEs

60
View all 60 CVEs →
  • CVE-2024-35361CriMay 21, 2024
    risk 0.64cvss 9.8epss 0.01

    MTab Bookmark v1.9.5 has an SQL injection vulnerability in /LinkStore/getIcon. An attacker can execute arbitrary SQL statements through this vulnerability without requiring any user rights.

  • CVE-2024-40332HigJul 10, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/moneyRecord_deal.php?mudi=delRecord

  • CVE-2024-40331HigJul 10, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/dbBakMySQL_deal.php?mudi=backup

  • CVE-2024-40334HigJul 10, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/serverFile_deal.php?mudi=upFileDel&dataID=3

  • CVE-2024-40333HigJul 10, 2024
    risk 0.57cvss 8.8epss 0.01

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=del&dataID=2

  • CVE-2024-40329HigJul 10, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=backup

  • CVE-2024-40039HigJul 9, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userGroup_deal.php?mudi=del

  • CVE-2024-40037HigJul 9, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userScore_deal.php?mudi=del

  • CVE-2024-40036HigJul 9, 2024
    risk 0.57cvss 8.8epss 0.01

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userGroup_deal.php?mudi=add&nohrefStr=close

  • CVE-2024-40034HigJul 9, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userLevel_deal.php?mudi=del

  • CVE-2024-39023HigJul 5, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via admin/info_deal.php?mudi=add&nohrefStr=close

  • CVE-2024-39022HigJul 5, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/infoSys_deal.php?mudi=deal

  • CVE-2024-39158HigJun 27, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/userSys_deal.php?mudi=infoSet.

  • CVE-2024-39154HigJun 27, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/keyWord_deal.php?mudi=del&dataType=word&dataTypeCN.

  • CVE-2024-36670HigJun 5, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=del

  • CVE-2024-36669HigJun 5, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=add.

  • CVE-2024-36668HigJun 5, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=del

  • CVE-2024-36667HigJun 5, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/idcProType_deal.php?mudi=add&nohrefStr=close

  • CVE-2024-36550HigJun 4, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=add&nohrefStr=close

  • CVE-2024-36549HigJun 4, 2024
    risk 0.57cvss 8.8epss 0.00

    idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=rev&nohrefStr=close