Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gilacms gila cms vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2020-5515
Gila CMS 1.11.8 allows /admin/sql?query= SQL Injection.
Gilacms Gila Cms 1.11.8
6.8
CVSSv3
CVE-2020-5512
Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal.
Gilacms Gila Cms 1.11.8
9.1
CVSSv3
CVE-2020-5514
Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous Type via .phar or .phtml to the lzld/thumb?src= URI.
Gilacms Gila Cms 1.11.8
6.1
CVSSv3
CVE-2020-20523
Cross Site Scripting (XSS) vulnerability in adm_user parameter in Gila CMS version 1.11.3, allows remote malicious users to execute arbitrary code during the Gila CMS installation.
Gilacms Gila Cms 1.11.3
7.2
CVSSv3
CVE-2020-20692
GilaCMS v1.11.4 exists to contain a SQL injection vulnerability via the $_GET parameter in /src/core/controllers/cm.php.
Gilacms Gila Cms 1.11.4
8.8
CVSSv3
CVE-2020-20693
A Cross-Site Request Forgery (CSRF) in GilaCMS v1.11.4 allows authenticated malicious users to arbitrarily add administrator accounts.
Gilacms Gila Cms 1.11.4
5.4
CVSSv3
CVE-2020-20695
A stored cross-site scripting (XSS) vulnerability in GilaCMS v1.11.4 allows malicious users to execute arbitrary web scripts or HTML via a crafted SVG file.
Gilacms Gila Cms 1.11.4
5.4
CVSSv3
CVE-2020-20696
A cross-site scripting (XSS) vulnerability in /admin/content/post of GilaCMS v1.11.4 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the Tags field.
Gilacms Gila Cms 1.11.4
7.2
CVSSv3
CVE-2020-28692
In Gila CMS 1.16.0, an attacker can upload a shell to tmp directy and abuse .htaccess through the logs function for executing PHP files.
Gilacms Gila Cms 1.16.0
1 Github repository
5.4
CVSSv3
CVE-2021-39486
A Stored XSS via Malicious File Upload exists in Gila CMS version 2.2.0. An attacker can use this to steal cookies, passwords or to run arbitrary code on a victim's browser.
Gilacms Gila Cms 2.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »