gilacms/gila is vulnerable to SQL Injection. The vulnerability is due to improper ID parameter sanitization within login portal endpoint, which allows an attacker to execute arbitrary web scripts resulting in SQL injection.
CPE | Name | Operator | Version |
---|---|---|---|
gilacms/gila | le | v115.x-dev | |
gilacms/gila | le | v115.x-dev |