6 matches found
CVE-2020-26623
creationtimestamp| type| source ---|---|--- 2024-01-02 23:26:48+00:00| seen| https://t.me/ctinow/162087 2024-01-03 01:37:38+00:00| seen| https://t.me/cibsecurity/74205 2024-01-09 08:16:04+00:00| seen| https://t.me/ctinow/164840 2024-01-23 10:26:56+00:00| seen| https://t.me/ctinow/171830...
CVE-2020-26623
SQL Injection vulnerability discovered in Gila CMS 1.15.4 and earlier allows a remote attacker to execute arbitrary web scripts via the Area parameter under the AdministrationWidget tab after the login portal...
CVE-2020-26623
SQL Injection vulnerability discovered in Gila CMS 1.15.4 and earlier allows a remote attacker to execute arbitrary web scripts via the Area parameter under the AdministrationWidget tab after the login portal...
CVE-2020-26623
CVE-2020-26623 affects Gila CMS 1.15.4 and earlier, where a SQL injection in the Area parameter under Administration>Widget (after login) allows a remote attacker to execute arbitrary web scripts. The root cause is lack of input validation for externally supplied SQL statements in Gila CMS. Th...
GilaCMS 1.15.4 SQL Injection
Description: GilaCMS widget and use wiget area filter to perform search Sample payload: http://targeturl/cm/listrows/widget?page=1&area=dashboard'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,@@version,NULL--%20 Attack Vector 2: After login into admin portal, go to edit...
GilaCMS 1.15.4 SQL Injection Vulnerability
Description: GilaCMS widget and use wiget area filter to perform search Sample payload: http://targeturl/cm/listrows/widget?page=1&area=dashboard'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,@@version,NULL--%20 Attack Vector 2: After login into admin portal, go to edit...