2 matches found
CVE-2023-44758
GDidees CMS 3.0 is affected by a Cross-Site Scripting XSS vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title...
PT-2023-20991 · Unknown · Gdidees Cms
Name of the Vulnerable Software and Affected Versions: GDidees CMS versions 3.9.1 and lower Description: The issue is related to an arbitrary file download via the filename parameter at the "/ admin/imgdownload.php" API endpoint. This allows unauthorized access to files on the system...