Gilacms Gila Cms vulnerabilities
24 known vulnerabilities affecting gilacms/gila_cms.
Total CVEs
24
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH8MEDIUM12LOW3
Vulnerabilities
Page 2 of 2
CVE-2020-26623P4LOWCVSS 3.8≤ 1.15.42024-01-02
CVE-2020-26623 [LOW] CWE-89 CVE-2020-26623: SQL Injection vulnerability discovered in Gila CMS 1.15.4 and earlier allows a remote attacker to ex
SQL Injection vulnerability discovered in Gila CMS 1.15.4 and earlier allows a remote attacker to execute arbitrary web scripts via the Area parameter under the Administration>Widget tab after the login portal.
nvd
CVE-2020-26624P4LOWCVSS 3.8≤ 1.15.42024-01-02
CVE-2020-26624 [LOW] CWE-89 CVE-2020-26624: A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote at
A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the ID parameter after the login portal.
nvd
CVE-2020-20695P4MEDIUMCVSS 5.4v1.11.42021-09-27
CVE-2020-20695 [MEDIUM] CWE-79 CVE-2020-20695: A stored cross-site scripting (XSS) vulnerability in GilaCMS v1.11.4 allows attackers to execute arb
A stored cross-site scripting (XSS) vulnerability in GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.
nvd
CVE-2020-20696P4MEDIUMCVSS 5.4v1.11.42021-09-27
CVE-2020-20696 [MEDIUM] CWE-79 CVE-2020-20696: A cross-site scripting (XSS) vulnerability in /admin/content/post of GilaCMS v1.11.4 allows attacker
A cross-site scripting (XSS) vulnerability in /admin/content/post of GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Tags field.
nvd
← Previous2 / 2