Total
7668 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-39154 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/keyWord_deal.php?mudi=del&dataType=word&dataTypeCN. | |||||
| CVE-2024-39155 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 6.8 MEDIUM |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ipRecord_deal.php?mudi=add. | |||||
| CVE-2024-39156 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 3.8 LOW |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/keyWord_deal.php?mudi=add. | |||||
| CVE-2024-39157 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 3.8 LOW |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ipRecord_deal.php?mudi=del&dataType=&dataID=1. | |||||
| CVE-2024-39158 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/userSys_deal.php?mudi=infoSet. | |||||
| CVE-2024-40035 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 5.9 MEDIUM |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userLevel_deal.php?mudi=add. | |||||
| CVE-2024-40038 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 5.3 MEDIUM |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userScore_deal.php?mudi=rev | |||||
| CVE-2024-40328 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 6.3 MEDIUM |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/memberOnline_deal.php?mudi=del&dataType=&dataID=6 | |||||
| CVE-2024-40329 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=backup | |||||
| CVE-2024-40331 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/dbBakMySQL_deal.php?mudi=backup | |||||
| CVE-2024-33829 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 5.4 MEDIUM |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/readDeal.php?mudi=updateWebCache. | |||||
| CVE-2024-35010 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/banner_deal.php?mudi=del&dataType=&dataTypeCN=%E5%9B%BE%E7%89%87%E5%B9%BF%E5%91%8A&theme=cs&dataID=6. | |||||
| CVE-2024-35009 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=&fieldName=state&fieldName2=state&tabName=banner&dataID=6. | |||||
| CVE-2024-33830 | 1 Idccms | 1 Idccms | 2025-04-15 | N/A | 8.1 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/readDeal.php?mudi=clearWebCache. | |||||
| CVE-2022-46491 | 1 Nbnbk Project | 1 Nbnbk | 2025-04-15 | N/A | 6.5 MEDIUM |
| A Cross-Site Request Forgery (CSRF) vulnerability in the Add Administrator function of the default version of nbnbk allows attackers to arbitrarily add Administrator accounts. | |||||
| CVE-2022-46853 | 1 Radiustheme | 1 The Post Grid | 2025-04-15 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme The Post Grid plugin <= 5.0.4 versions. | |||||
| CVE-2022-4124 | 1 Popup Manager Project | 1 Popup Manager | 2025-04-14 | N/A | 4.3 MEDIUM |
| The Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF checks when deleting popups, which could allow unauthenticated users to delete them | |||||
| CVE-2024-54357 | 1 Theme-fusion | 1 Avada | 2025-04-14 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.10. | |||||
| CVE-2020-28191 | 1 Togglz | 1 Togglz | 2025-04-14 | N/A | 8.8 HIGH |
| The console in Togglz before 2.9.4 allows CSRF. | |||||
| CVE-2024-2429 | 1 Salonbookingsystem | 1 Salon Booking System | 2025-04-14 | N/A | 4.3 MEDIUM |
| The Salon booking system WordPress plugin through 9.6.5 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | |||||