This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
> [Suggested description] | |
> Roxy Fileman 1.4.6 suffers from a Remote Code Execution (RCE) | |
> vulnerability caused by a weak upload control. | |
> | |
> ------------------------------------------ | |
> | |
> [Additional Information] | |
> The Vendor website is down, in order to download the application we must use Internet Archive. | |
> | |
> ------------------------------------------ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
> [description] | |
> An arbitrary file upload vulnerability in the upload function of | |
> GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a | |
> crafted file. | |
> | |
> ------------------------------------------ | |
> | |
> [Vulnerability Type] | |
> Incorrect Access Control | |
> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
> [Suggested description] | |
> GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary | |
> file download vulnerability via the filename parameter at | |
> /_admin/imgdownload.php. | |
> | |
> ------------------------------------------ | |
> | |
> [Vulnerability Type] | |
> Incorrect Access Control | |
> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
> [Suggested description] | |
> GDidees CMS v3.9.1 was discovered to contain a source code disclosure | |
> vulnerability by the backup feature which is accessible via | |
> /_admin/backup.php. | |
> | |
> ------------------------------------------ | |
> | |
> [Vulnerability Type] | |
> Incorrect Access Control | |
> |