CVE-2024-40036 | idcCMS 1.35 userGroup_deal.php cross-site request forgery

Posted by Angelo Barbosa | Jul 9, 2024 | CVE

A vulnerability, which was classified as problematic, was found in idcCMS 1.35. Affected is an unknown function of the file /admin/userGroup_deal.php?mudi=add&nohrefStr=close. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2024-40036. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-40036 | idcCMS 1.35 userGroup_deal.php cross-site request forgery

Related Posts

CVE-2024-20404 | Cisco Unified Contact Center Enterprise Web-Based Management Interface server-side request forgery (cisco-sa-finesse-ssrf-rfi-Um7wT8Ew)

CVE-2024-41721 | FreeBSD bhyve out-of-bounds

CVE-2023-50330 | LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623 Realtek rtl819x Jungle SDK getInfo stack-based overflow (TALOS-2023-1903)

CVE-2024-39097 | Gnuboard g6 up to 6.0.4 Login url redirect