4 matches found
CVE-2019-16679
Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, leading to Local File Inclusion...
Gila CMS < 1.11.1 - Local File Inclusion Vulnerability
Exploit for php platform in category web applications Exploit Title: Authenticated Local File InclusionLFI in GilaCMS Google Dork: N/A Exploit Author: Sainadh Jamalpur Vendor Homepage: https://github.com/GilaCMS/gila Software Link: https://github.com/GilaCMS/gila Version: 1.10.9 Tested on: XAMPP...
Gila CMS < 1.11.1 - Local File Inclusion
Exploit Title: Authenticated Local File InclusionLFI in GilaCMS Google Dork: N/A Date: 04-08-2019 Exploit Author: Sainadh Jamalpur Vendor Homepage: https://github.com/GilaCMS/gila Software Link: https://github.com/GilaCMS/gila Version: 1.10.9 Tested on: XAMPP version 3.2.2 in Windows 10 64bit, CV...
CVE-2019-16679
Gila CMS (pre-1.11.1) is vulnerable to an authenticated Local File Inclusion via admin/fm/?f=.. abuse (directory traversal). Root cause: improper sanitization of the f parameter allows traversal to access local files. Impact as described: Local File Inclusion with partial confidentiality impact; ...