QID 996484
Date Published: 2024-01-04
QID 996484: PHP (Composer) Security Update for gilacms/gila (GHSA-rpjw-97p8-p2xp)
SQL Injection vulnerability discovered in Gila CMS 1.15.4 and earlier allows a remote attacker to execute arbitrary web scripts via the Area parameter under the Administration>Widget tab after the login portal.
Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
Solution
Refer to Github security advisory GHSA-rpjw-97p8-p2xp for updates and patch information.
Vendor References
- GHSA-rpjw-97p8-p2xp -
github.com/advisories/GHSA-rpjw-97p8-p2xp
CVEs related to QID 996484
Software Advisories
| Advisory ID | Software | Component | Link |
|---|