Limited Black Friday Offer:

GDidees CMS v3.9.1 - Arbitrary File Download CVE-2023-27179 Scanner

There is an arbitrary file download vulnerability in GDidees CMS v3.9.1.

Short Info

Level

High

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Parent Category

GDidees CMS v3.9.1 - Arbitrary File Download CVE-2023-27179 Scanner Detail

GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php.

http://packetstormsecurity.com/files/171894/GDidees-CMS-3.9.1-Local-File-Disclosure-Directory-Traversal.html
https://gist.github.com/Hadi999/516aa25b953b0cba57089a0c11b1305b
https://knowledge-base.secureflag.com/vulnerabilities/unrestricted_file_download/unrestricted_file_download_vulnerability.html
https://www.gdidees.eu/cms-1-0.html