Vulnerabilities > Gdidees
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-06 | CVE-2023-44758 | Cross-site Scripting vulnerability in Gdidees CMS 3.9.2 GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title. | 5.4 |
| 2023-04-11 | CVE-2023-27179 | Unrestricted Upload of File with Dangerous Type vulnerability in Gdidees CMS 3.9.1 GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php. | 7.5 |
| 2023-04-10 | CVE-2023-27178 | Unrestricted Upload of File with Dangerous Type vulnerability in Gdidees CMS 3.9.1 An arbitrary file upload vulnerability in the upload function of GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a crafted file. | 9.8 |
| 2023-04-07 | CVE-2023-27180 | Unspecified vulnerability in Gdidees CMS 3.9.1 GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php. | 7.5 |