Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2026/01/27 3:23 p.m.4 views

CVE-2021-47900 Gila CMS < 2.0.0 - Remote Code Execution

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...

9.8CVSS6.7AI score0.00602EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.4 views

Gila CMS 跨站脚本漏洞

Gila CMS is an open source content management system CMS based on PHP and MySQL from Gila CMS. A cross-site scripting vulnerability exists in Gila CMS version 1.10.9, which stems from the parameter content in file /cm/updaterows/page?id=2 that can lead to a cross-site scripting attack...

5.4CVSS4.5AI score0.00556EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/08/11 12:0 a.m.5 views

Gila CMS 跨站脚本漏洞

Gila CMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in Gila CMS version 1.11.3, which stems from the lack of effective filtering and escaping of user-supplied data by the parameter admuser, and can be exploited by an attacke...

6.1CVSS6AI score0.00611EPSS
Exploits1References2
OSV
OSV
added 2020/11/16 6:15 p.m.6 views

CVE-2020-28692

In Gila CMS 1.16.0, an attacker can upload a shell to tmp directy and abuse .htaccess through the logs function for executing PHP files...

7.2CVSS5.8AI score0.0162EPSS
Exploits1References1
CNVD
CNVD
added 2020/05/22 12:0 a.m.2 views

Gila CMS Cross-Site Scripting Vulnerability (CNVD-2020-34658)

Gila CMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in Gila CMS versions prior to 1.11.6. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...

6.1CVSS6.4AI score0.01814EPSS
Exploits3References1
OSV
OSV
added 2020/01/06 7:15 p.m.2 views

CVE-2020-5515

Gila CMS 1.11.8 allows /admin/sql?query= SQL Injection...

7.2CVSS5.8AI score0.26546EPSS
Exploits9References3
Rows per page
Query Builder