Lucene search
Gdidees Cms Security Vulnerabilities - 2023
cve
An arbitrary file upload vulnerability in the upload function of GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a crafted file.
9.8CVSS
9.4AI Score
0.002EPSS
2023-04-10 09:15 PM
16
cve
GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php.
7.5CVSS
7.5AI Score
0.028EPSS
2023-04-11 12:15 PM
25
2
cve
GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php.
7.5CVSS
7.5AI Score
0.001EPSS
2023-04-07 09:15 PM
18
cve
GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title.
5.4CVSS
5.3AI Score
0.001EPSS
2023-10-06 11:15 AM
61