Lucene search
GitHub Advisory DatabaseGHSA-4VF6-2RMX-FGQXHistoryJan 03, 2024 - 12:30 a.m.
Gila CMS SQL Injection vulnerability
2024-01-0300:30:22
CWE-89
GitHub Advisory Database
github.com
13
gila cms
sql injection
remote attacker
web scripts
security vulnerability
software
3.8 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
8.6 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.7%
A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the ID parameter after the login portal.
Affected configurations
Node
gilacmsgila_cmsRange≤1.15.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| gilacms/gila | le | 1.15.4 |
Related
nvd
nvd
CVE-2020-26624
2024-01-02 22:15:07
prion
prion
Sql injection
2024-01-02 22:15:00
veracode
veracode
SQL Injection
2024-01-04 04:50:09
cvelist
cvelist
CVE-2020-26624
2024-01-02 00:00:00
cve
cve
CVE-2020-26624
2024-01-02 22:15:07
osv
osv
Gila CMS SQL Injection vulnerability
2024-01-03 00:30:22
zdt
zdt
GilaCMS 1.15.4 SQL Injection Vulnerability
2023-12-22 00:00:00
packetstorm
packetstorm
GilaCMS 1.15.4 SQL Injection
2023-12-22 00:00:00
3.8 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
8.6 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.7%
Related for GHSA-4VF6-2RMX-FGQX