CVE-2021-47900

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...

CVE-2021-47900 Gila CMS < 2.0.0 - Remote Code Execution

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...

CVE-2021-47900 Gila CMS < 2.0.0 - Remote Code Execution

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...

EUVD-2021-34749

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...

CVE-2021-47900

Gila CMS

CVE-2021-47900

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...

PT-2026-4931

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shell exec to run system commands by sending...

Gila CMS security vulnerability

Gila CMS is a set of open-source content management systems CMS developed by Gila CMS Inc., based on PHP and MySQL. Versions of Gila CMS prior to 2.0.0 contained security vulnerabilities; these vulnerabilities stemmed from unvalidated HTTP headers, which could allow unauthorized attackers to...

CVE-2019-11456

Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP code...

CVE-2019-11515

core/classes/dbbackup.php in Gila CMS 1.10.1 allows admin/dbbackup?download= absolute path traversal to read arbitrary files...

CVE-2019-20803

Gila CMS before 1.11.6 has reflected XSS via the admin/content/postcategory id parameter, which is mishandled for gpreviewtheme...

CVE-2019-20804

Gila CMS before 1.11.6 allows CSRF with resultant XSS via the admin/themes URI, leading to compromise of the admin account...

CVE-2019-16679

Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, leading to Local File Inclusion...

EUVD-2020-21090

Malware in sbrugna...

EUVD-2019-11341

Malware in sbrugna...

EUVD-2019-7240

Malware in sbrugna...

EUVD-2020-26677

Malware in sbrugna...

EUVD-2019-7886

Malware in sbrugna...

EUVD-2019-7885

Malware in sbrugna...

EUVD-2019-11340

Malware in sbrugna...