2 matches found
SQL Injection
gilacms/gila is vulnerable to SQL Injection. The vulnerability is due to the improper santization of the Area parameter within the AdministrationWidget tab, which allows an attacker to execute arbitrary web scripts which results in SQL injection...
Cross-site Scripting (XSS)
gilacms/gila is vulnerable to cross-site scripting XSS. The attack exists because the admin/content/postcategory id parameter is not sanitized properly for gpreviewtheme...