Thirtypenny77

2 exploits Active since May 2024

CVE-2024-35010 WRITEUP HIGH WORKING POC

idccms v1.35 - Cross-Site Request Forgery via /admin/banner_deal.php

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/banner_deal.php?mudi=del&dataType=&dataTypeCN=%E5%9B%BE%E7%89%87%E5%B9%BF%E5%91%8A&theme=cs&dataID=6.

CVSS 8.8

View Code

CVE-2024-39157 WRITEUP LOW WORKING POC

idccms v1.35 - Cross-Site Request Forgery via /admin/ipRecord_deal.php

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ipRecord_deal.php?mudi=del&dataType=&dataID=1.

CVSS 3.8

View Code