Cross Site Request Forgery vulnerability in Gila GilaCMS v.1.11.4 allows a remote malicious user to execute arbitrary code via the cm/update_rows/user parameter.
gilacms gila cms 1.11.4