Gilacms: community verdicts
3 notable / known-exploited Gilacms CVEs the community has triaged.
ⓘ Not an exhaustive list: we focus on the findings that matter (exploited / notable). For every Gilacms CVE, see NVD ↗.
- CVE-2020-26624LOW 3.8EPSS 1%
A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the ID parameter after the login portal.
- CVE-2020-26625LOW 3.8EPSS 1%
A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the 'user_id' parameter after the login portal.
- CVE-2020-26623LOW 3.8EPSS 1%
SQL Injection vulnerability discovered in Gila CMS 1.15.4 and earlier allows a remote attacker to execute arbitrary web scripts via the Area parameter under the Administration>Widget tab after the login portal.