Vulnerabilities (CVE)

Filtered by vendor Gilacms Subscribe

Filtered by product Gila Cms

Total 24 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-16679	1 Gilacms	1 Gila Cms	2019-09-23	4.0 MEDIUM	4.9 MEDIUM
Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, leading to Local File Inclusion.
CVE-2019-9647	1 Gilacms	1 Gila Cms	2019-06-06	4.3 MEDIUM	6.1 MEDIUM
Gila CMS 1.9.1 has XSS.
CVE-2019-11515	1 Gilacms	1 Gila Cms	2019-04-27	4.0 MEDIUM	4.9 MEDIUM
core/classes/db_backup.php in Gila CMS 1.10.1 allows admin/db_backup?download= absolute path traversal to read arbitrary files.
CVE-2019-11456	1 Gilacms	1 Gila Cms	2019-04-26	6.8 MEDIUM	8.8 HIGH
Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP code.