CWE-352 CVEs and Security Vulnerabilities

Filtered by CWE-352

Search

Switch to Advanced Search (Beta)

Total 7170 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-36549	1 Idccms	1 Idccms	2025-02-13	8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=rev&nohrefStr=close
CVE-2024-36548	2 Idccms, Idccms Project	2 Idccms, Idccms	2025-02-13	5.4 Medium
idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/vpsCompany_deal.php?mudi=del
CVE-2024-36547	1 Idccms	1 Idccms	2025-02-13	8.8 High
idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=add
CVE-2024-36076	1 Syslifters	1 Sysreptor	2025-02-13	8.8 High
Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session.
CVE-2024-35561	1 Idccms Project	1 Idccms	2025-02-13	5.4 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=add&nohrefStr=close.
CVE-2024-35559	1 Idccms Project	1 Idccms	2025-02-13	8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=rev&nohrefStr=close.
CVE-2024-35557	1 Idccms Project	1 Idccms	2025-02-13	5.5 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApi_deal.php?mudi=rev&nohrefStr=close.
CVE-2024-35556	1 Idccms	1 Idccms	2025-02-13	8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsSys_deal.php?mudi=infoSet.
CVE-2024-35555	1 Idccms Project	1 Idccms	2025-02-13	6.3 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=newsWeb&fieldName=state&fieldName2=state&tabName=infoWeb&dataID=40.
CVE-2024-35553	1 Idccms	1 Idccms	2025-02-13	8.3 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=add&nohrefStr=close.
CVE-2024-35552	1 Idccms	1 Idccms	2025-02-13	8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=del&dataType=logo&dataTypeCN.
CVE-2024-35475	1 Openkm	1 Openkm	2025-02-13	6.4 Medium
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an attacker to manipulate a victim with administrative privileges to execute arbitrary SQL commands.
CVE-2024-35109	1 Idccms Project	1 Idccms	2025-02-13	6.5 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /homePro_deal.php?mudi=add&nohrefStr=close.
CVE-2024-35108	1 Idccms Project	1 Idccms	2025-02-13	8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/homePro_deal.php?mudi=del&dataType=&dataTypeCN.
CVE-2024-35012	1 Idccms Project	1 Idccms	2025-02-13	6.3 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=add&nohrefStr=close.
CVE-2024-35011	1 Idccms Project	1 Idccms	2025-02-13	5.4 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=rev&nohrefStr=close.
CVE-2024-35010	1 Idccms	1 Idccms	2025-02-13	8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/banner_deal.php?mudi=del&dataType=&dataTypeCN=%E5%9B%BE%E7%89%87%E5%B9%BF%E5%91%8A&theme=cs&dataID=6.
CVE-2024-35009	1 Idccms Project	1 Idccms	2025-02-13	8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=&fieldName=state&fieldName2=state&tabName=banner&dataID=6.
CVE-2024-34958	1 Idccms Project	1 Idccms	2025-02-13	6.5 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/banner_deal.php?mudi=add
CVE-2024-34957	1 Idccms Project	1 Idccms	2025-02-13	5.4 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/sysImages_deal.php?mudi=infoSet.

« first previous Page 29 of 359. next last »