7 matches found
CVE-2023-27179
GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /admin/imgdownload.php...
GDidees CMS 3.9.1 - Local File Disclosure Vulnerability
Exploit Title: GDidees CMS 3.9.1 - Local File Disclosure Exploit Author : Hadi Mene Vendor Homepage : https://www.gdidees.eu/ Software Link : https://www.gdidees.eu/cms-1-0.html Version : 3.9.1 and earlier Tested on : Debian 11 CVE : CVE-2023-27179 Summary: GDidees CMS v3.9.1 and lower versions w...
GDidees CMS 3.9.1 Local File Disclosure / Directory Traversal Vulnerabilities
Exploit Title: GDidees CMS - 'imgdownload.php' Local File Disclosure Date : 03/27/2023 Exploit Author : Hadi Mene Vendor Homepage : https://www.gdidees.eu/ Software Link : https://www.gdidees.eu/cms-1-0.html Version : 3.9.1 and earlier Tested on : Debian 11 CVE : CVE-2023-27179 Summary: GDidees C...
GDidees CMS 3.9.1 Local File Disclosure / Directory Traversal
Exploit Title: GDidees CMS - 'imgdownload.php' Local File Disclosure Date : 03/27/2023 Exploit Author : Hadi Mene Vendor Homepage : https://www.gdidees.eu/ Software Link : https://www.gdidees.eu/cms-1-0.html Version : 3.9.1 and earlier Tested on : Debian 11 CVE : CVE-2023-27179 Summary: GDidees C...
CVE-2023-27179
creationtimestamp| type| source ---|---|--- 2023-04-11 16:23:31+00:00| seen| https://t.me/cibsecurity/61868 2025-02-14 10:03:10+00:00| seen| Telegram/RlizQbSdrE6-ldJTpHp6EuP1hc5k-LTtJuiudSAD-tVOjJb...
CVE-2023-27179
GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /admin/imgdownload.php...
CVE-2023-27179
GDidees CMS v3.9.1 and earlier exposes an arbitrary file download via the filename parameter on /_admin/imgdownload.php. Affected component is the imgdownload logic; the vulnerability occurs from unsanitized filename input and lack of proper admin session checks, enabling potential retrieval of a...