10 matches found
CVE-2019-11456
Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP code...
CVE-2019-11515
core/classes/dbbackup.php in Gila CMS 1.10.1 allows admin/dbbackup?download= absolute path traversal to read arbitrary files...
EUVD-2019-11340
Malware in sbrugna...
EUVD-2020-21090
Malware in sbrugna...
EUVD-2024-48542
Malicious code in bioql PyPI...
CVE-2024-7657
A vulnerability classified as problematic was found in Gila CMS 1.10.9. This vulnerability affects unknown code of the file /cm/updaterows/page?id=2 of the component HTTP POST Request Handler. The manipulation of the argument content leads to cross site scripting. The attack can be initiated...
CVE-2020-5512
Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal...
CVE-2019-9647
Gila CMS 1.9.1 has XSS...
CVE-2019-17536
Gila CMS through 1.11.4 allows Unrestricted Upload of a File with a Dangerous Type via the moveAction function in core/controllers/fm.php. The attacker needs to use admin/mediaupload and fm/move...
CVE-2024-7657
A vulnerability classified as problematic was found in Gila CMS 1.10.9. This vulnerability affects unknown code of the file /cm/updaterows/page?id=2 of the component HTTP POST Request Handler. The manipulation of the argument content leads to cross site scripting. The attack can be initiated...