VYPR
Vendor

GDidees

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2024-46101CriSep 20, 2024
    risk 0.64cvss 9.8epss 0.00

    GDidees CMS <= v3.9.1 has a file upload vulnerability.

  • CVE-2023-27178CriApr 10, 2023
    risk 0.64cvss 9.8epss 0.01

    An arbitrary file upload vulnerability in the upload function of GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a crafted file.

  • CVE-2023-27179HigApr 11, 2023
    risk 0.57cvss 7.5epss 0.61

    GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php.

  • CVE-2023-27180HigApr 7, 2023
    risk 0.49cvss 7.5epss 0.01

    GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php.

  • CVE-2023-44758MedOct 6, 2023
    risk 0.35cvss 5.4epss 0.00

    GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title.