Vulnerabilities (CVE)

Filtered by vendor Gdidees Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-44758 1 Gdidees 1 Gdidees Cms 2024-11-21 N/A 5.4 MEDIUM
GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title.
CVE-2023-27180 1 Gdidees 1 Gdidees Cms 2024-11-21 N/A 7.5 HIGH
GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php.
CVE-2023-27179 1 Gdidees 1 Gdidees Cms 2024-11-21 N/A 7.5 HIGH
GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php.
CVE-2023-27178 1 Gdidees 1 Gdidees Cms 2024-11-21 N/A 9.8 CRITICAL
An arbitrary file upload vulnerability in the upload function of GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a crafted file.