Gila Cms Security Vulnerabilities and Issues — Gila Cms CVE List

Lucene search

GilacmsGila Cms

4 matches found

CVE•added 2023/06/20 3:15 p.m.•42 views

CVE-2020-20726

Cross Site Request Forgery vulnerability in Gila GilaCMS v.1.11.4 allows a remote attacker to execute arbitrary code via the cm/update_rows/user parameter.

8.8CVSS8.9AI score0.00613EPSS

CVE•added 2021/09/27 10:15 p.m.•39 views

CVE-2020-20693

A Cross-Site Request Forgery (CSRF) in GilaCMS v1.11.4 allows authenticated attackers to arbitrarily add administrator accounts.

8.8CVSS8.6AI score0.00143EPSS

CVE•added 2019/04/22 4:29 p.m.•36 views

CVE-2019-11456

Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP code.

8.8CVSS8.8AI score0.00145EPSS

CVE•added 2020/05/21 10:15 p.m.•35 views

CVE-2019-20804

Gila CMS before 1.11.6 allows CSRF with resultant XSS via the admin/themes URI, leading to compromise of the admin account.

8.8CVSS8.2AI score0.0022EPSS