Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Gila_cms
(Gilacms)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 25 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-01-02 | CVE-2020-26624 | A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the ID parameter after the login portal. | Gila_cms | 3.8 | ||
| 2024-01-02 | CVE-2020-26623 | SQL Injection vulnerability discovered in Gila CMS 1.15.4 and earlier allows a remote attacker to execute arbitrary web scripts via the Area parameter under the Administration>Widget tab after the login portal. | Gila_cms | 3.8 | ||
| 2024-01-02 | CVE-2020-26625 | A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the 'user_id' parameter after the login portal. | Gila_cms | 3.8 | ||
| 2023-06-20 | CVE-2020-20726 | Cross Site Request Forgery vulnerability in Gila GilaCMS v.1.11.4 allows a remote attacker to execute arbitrary code via the cm/update_rows/user parameter. | Gila_cms | 8.8 | ||
| 2020-01-06 | CVE-2020-5514 | Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous Type via .phar or .phtml to the lzld/thumb?src= URI. | Gila_cms | 9.1 |