Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GilacmsGila Cms

7 matches found

CVE
CVEadded 2020/01/06 7:15 p.m.138 views

CVE-2020-5515

Gila CMS 1.11.8 allows /admin/sql?query= SQL Injection.

7.2CVSS7.3AI score0.64085EPSS
CVE
CVEadded 2020/01/06 7:15 p.m.71 views

CVE-2020-5514

Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous Type via .phar or .phtml to the lzld/thumb?src= URI.

9.1CVSS9.1AI score0.00835EPSS
CVE
CVEadded 2020/01/06 8:15 p.m.70 views

CVE-2020-5512

Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal.

6.8CVSS6.6AI score0.00842EPSS
CVE
CVEadded 2020/01/06 8:15 p.m.69 views

CVE-2020-5513

Gila CMS 1.11.8 allows /cm/delete?t=../ Directory Traversal.

6.8CVSS6.6AI score0.02575EPSS
CVE
CVEadded 2020/05/21 10:15 p.m.36 views

CVE-2019-20803

Gila CMS before 1.11.6 has reflected XSS via the admin/content/postcategory id parameter, which is mishandled for g_preview_theme.

6.1CVSS6AI score0.00422EPSS
CVE
CVEadded 2020/05/21 10:15 p.m.35 views

CVE-2019-20804

Gila CMS before 1.11.6 allows CSRF with resultant XSS via the admin/themes URI, leading to compromise of the admin account.

8.8CVSS8.2AI score0.0022EPSS
CVE
CVEadded 2020/11/16 6:15 p.m.33 views

CVE-2020-28692

In Gila CMS 1.16.0, an attacker can upload a shell to tmp directy and abuse .htaccess through the logs function for executing PHP files.

7.2CVSS7AI score0.00451EPSS