Gila CMS 1.11.8 allows /cm/delete?t=../ Directory Traversal.
References
Link | Resource |
---|---|
https://gilacms.com/blog | Release Notes Vendor Advisory |
https://infosecdb.wordpress.com/2020/01/05/gilacms-1-11-8-cm-deletet-lfi-local-file-inclusion-and-rce/ | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2020-01-06 20:15
Updated : 2024-02-04 20:39
NVD link : CVE-2020-5513
Mitre link : CVE-2020-5513
CVE.ORG link : CVE-2020-5513
JSON object : View
Products Affected
gilacms
- gila_cms
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')