Vendor
GDidees
Products
1
CVEs
5
Across products
5
Status
Private
Products
1- 5 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-46101 | Cri | 0.64 | 9.8 | 0.00 | Sep 20, 2024 | GDidees CMS <= v3.9.1 has a file upload vulnerability. | ||
| CVE-2023-27178 | Cri | 0.64 | 9.8 | 0.01 | Apr 10, 2023 | An arbitrary file upload vulnerability in the upload function of GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a crafted file. | ||
| CVE-2023-27179 | Hig | 0.57 | 7.5 | 0.61 | Apr 11, 2023 | GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php. | ||
| CVE-2023-27180 | Hig | 0.49 | 7.5 | 0.01 | Apr 7, 2023 | GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php. | ||
| CVE-2023-44758 | Med | 0.35 | 5.4 | 0.00 | Oct 6, 2023 | GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title. |
- risk 0.64cvss 9.8epss 0.00
GDidees CMS <= v3.9.1 has a file upload vulnerability.
- risk 0.64cvss 9.8epss 0.01
An arbitrary file upload vulnerability in the upload function of GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a crafted file.
- risk 0.57cvss 7.5epss 0.61
GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php.
- risk 0.49cvss 7.5epss 0.01
GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php.
- risk 0.35cvss 5.4epss 0.00
GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title.