Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2019-17536

Disclosure Date: October 13, 2019 (last updated November 27, 2024)
Gila CMS through 1.11.4 allows Unrestricted Upload of a File with a Dangerous Type via the moveAction function in core/controllers/fm.php. The attacker needs to use admin/media_upload and fm/move.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0