Skip to main content

Gdidees Cms

5 CVEs product

Monthly

CVE-2024-46101 CRITICAL Act Now

GDidees CMS <= v3.9.1 has a file upload vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Gdidees Cms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-44758 MEDIUM POC This Month

GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Gdidees Cms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-27179 HIGH POC THREAT This Week

GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Gdidees Cms
NVD GitHub Exploit-DB
CVSS 3.1
7.5
EPSS
60.8%
CVE-2023-27178 CRITICAL Act Now

An arbitrary file upload vulnerability in the upload function of GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a crafted file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE File Upload Gdidees Cms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-27180 HIGH POC This Week

GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Information Disclosure PHP Gdidees Cms
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
EPSS 0% CVSS 9.8
CRITICAL Act Now

GDidees CMS <= v3.9.1 has a file upload vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Gdidees Cms
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Gdidees Cms
NVD GitHub
EPSS 61% CVSS 7.5
HIGH POC THREAT This Week

GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Gdidees Cms
NVD GitHub Exploit-DB
EPSS 1% CVSS 9.8
CRITICAL Act Now

An arbitrary file upload vulnerability in the upload function of GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a crafted file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE File Upload Gdidees Cms
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Information Disclosure PHP +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy