Lucene search
GoogleOSV:GHSA-4VF6-2RMX-FGQXHistoryJan 03, 2024 - 12:30 a.m.
Gila CMS SQL Injection vulnerability
2024-01-0300:30:22
Google
osv.dev
9
sql injection
gila cms
remote attack
arbitrary web scripts
login portal
3.8 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.7%
A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the ID parameter after the login portal.
Related
veracode
veracode
SQL Injection
2024-01-04 04:50:09
cvelist
cvelist
CVE-2020-26624
2024-01-02 00:00:00
github
github
Gila CMS SQL Injection vulnerability
2024-01-03 00:30:22
nvd
nvd
CVE-2020-26624
2024-01-02 22:15:07
prion
prion
Sql injection
2024-01-02 22:15:00
cve
cve
CVE-2020-26624
2024-01-02 22:15:07
zdt
zdt
GilaCMS 1.15.4 SQL Injection Vulnerability
2023-12-22 00:00:00
packetstorm
packetstorm
GilaCMS 1.15.4 SQL Injection
2023-12-22 00:00:00
3.8 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
8.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.7%
Related for OSV:GHSA-4VF6-2RMX-FGQX