Vendor Products CVEs KEV Avg EPSS Worst Severity 1 5 0 60.2% CRITICAL
CVE ID Description Severity CVSS KEV EPSS Published CVE-2024-46101 GDidees CMS <= v3.9.1 has a file upload vulnerability. CRITICAL 9.8 — 36.3% Sep 20, 2024 CVE-2023-44758 GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title. MEDIUM 5.4 — 37.6% Oct 6, 2023 CVE-2023-27179 GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php. HIGH 7.5 — 99.0% Apr 11, 2023 CVE-2023-27178 An arbitrary file upload vulnerability in the upload function of GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a crafted file. CRITICAL 9.8 — 68.4% Apr 10, 2023 CVE-2023-27180 GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php. HIGH 7.5 — 60.0% Apr 7, 2023