Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gilacms gila cms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-20523
Cross Site Scripting (XSS) vulnerability in adm_user parameter in Gila CMS version 1.11.3, allows remote malicious users to execute arbitrary code during the Gila CMS installation.
Gilacms Gila Cms 1.11.3
6.5
CVSSv2
CVE-2020-20692
GilaCMS v1.11.4 exists to contain a SQL injection vulnerability via the $_GET parameter in /src/core/controllers/cm.php.
Gilacms Gila Cms 1.11.4
6.8
CVSSv2
CVE-2020-20693
A Cross-Site Request Forgery (CSRF) in GilaCMS v1.11.4 allows authenticated malicious users to arbitrarily add administrator accounts.
Gilacms Gila Cms 1.11.4
3.5
CVSSv2
CVE-2020-20695
A stored cross-site scripting (XSS) vulnerability in GilaCMS v1.11.4 allows malicious users to execute arbitrary web scripts or HTML via a crafted SVG file.
Gilacms Gila Cms 1.11.4
NA
CVE-2020-20726
Cross Site Request Forgery vulnerability in Gila GilaCMS v.1.11.4 allows a remote malicious user to execute arbitrary code via the cm/update_rows/user parameter.
Gilacms Gila Cms 1.11.4
6.8
CVSSv2
CVE-2020-5512
Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal.
Gilacms Gila Cms 1.11.8
6.8
CVSSv2
CVE-2020-5513
Gila CMS 1.11.8 allows /cm/delete?t=../ Directory Traversal.
Gilacms Gila Cms 1.11.8
9
CVSSv2
CVE-2020-5514
Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous Type via .phar or .phtml to the lzld/thumb?src= URI.
Gilacms Gila Cms 1.11.8
6.8
CVSSv2
CVE-2019-11456
Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP code.
Gilacms Gila Cms 1.10.1
3.5
CVSSv2
CVE-2020-20696
A cross-site scripting (XSS) vulnerability in /admin/content/post of GilaCMS v1.11.4 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the Tags field.
Gilacms Gila Cms 1.11.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »