CVE-2024-40036 | idcCMS 1.35 userGroup_deal.php cross-site request forgery

Posted by Angelo Barbosa | Jul 9, 2024 | CVE

A vulnerability, which was classified as problematic, was found in idcCMS 1.35. Affected is an unknown function of the file /admin/userGroup_deal.php?mudi=add&nohrefStr=close. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2024-40036. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-40036 | idcCMS 1.35 userGroup_deal.php cross-site request forgery

Related Posts

CVE-2024-50509 | Chetan Khandla Woocommerce Product Design Plugin up to 1.0.0 on WordPress path traversal

CVE-2024-35667 | WP EasyCart Plugin up to 5.5.19 on WordPress authorization

CVE-2024-1795 | Husky Plugin up to 1.3.5.2 on WordPress sql injection

CVE-2024-9889 | ElementInvader Addons for Elementor Plugin up to 1.2.9 on WordPress information disclosure