3 matches found
Gila CMS 1.11.5 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities
Exploit for perl platform in category web applications ===== Tempest Security Intelligence - ADV-07/2020 ========================== GilaCMS - Version 1.11.5 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of...
CVE-2019-20804
creationtimestamp| type| source ---|---|--- 2020-05-22 02:55:27+00:00| seen| https://t.me/cibsecurity/12238...
CVE-2019-20804
Gila CMS prior to 1.11.6 is affected by CVE-2019-20804. The flaw allows CSRF that results in Cross‑Site Scripting via the admin/themes URI, risking compromise of the admin account. Affected software: Gila CMS up to version 1.11.5 (1.11.6 fixes). Root cause: CSRF enabling XSS in the admin/themes p...