Tank992/cms

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-40331 ↗	Jul 10, 2024Wednesday, 10 July 2024, 14:15	8.8 HIGH	—
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/dbBakMySQL_deal.php?mudi=backup
CVE-2024-40332 ↗	Jul 10, 2024Wednesday, 10 July 2024, 14:15	8.8 HIGH	—
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/moneyRecord_deal.php?mudi=delRecord
CVE-2024-40336 ↗	Jul 10, 2024Wednesday, 10 July 2024, 14:15	6.1 MEDIUM	—
idccms v1.35 is vulnerable to Cross Site Scripting (XSS) within the 'Image Advertising Management.'
CVE-2024-40328 ↗	Jul 10, 2024Wednesday, 10 July 2024, 13:15	6.3 MEDIUM	—
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/memberOnline_deal.php?mudi=del&dataType=&dataID=6
CVE-2024-40329 ↗	Jul 10, 2024Wednesday, 10 July 2024, 13:15	8.8 HIGH	—
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=backup
CVE-2024-40333 ↗	Jul 10, 2024Wednesday, 10 July 2024, 13:15	8.8 HIGH	—
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=del&dataID=2
CVE-2024-40334 ↗	Jul 10, 2024Wednesday, 10 July 2024, 13:15	8.8 HIGH	—
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/serverFile_deal.php?mudi=upFileDel&dataID=3