A vulnerability was found in GilaCMS 1.11.4. It has been classified as critical. This affects an unknown part of the file /src/core/controllers/cm.php of the component GET Parameter Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
GilaCMS 1.11.4 GET Parameter cm.php sql injection
- Virtual Patching
- September 28, 2021
- 7:05 am
CVE-2024-52759 : D-LINK DI-8003 16.07.26A1 IP_POSITION_ASP IP BUFFER OVERFLOW
Description D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function. References
CVE-2024-51503 : TREND MICRO DEEP SECURITY UP TO 20.0 OS COMMAND INJECTION
Description A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an
CVE-2024-52360 : IBM CONCERT SOFTWARE 1.0.0/1.0.1/1.0.2/1.0.2.1 SQL INJECTION
Description IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 is vulnerable to SQL injection. A remote attacker could send specially