CVE-2020-26624
CVSS 3.1 Score 3.8 of 10 (low)
Details
Published Jan 2, 2024
Updated: Jan 9, 2024
CWE ID 89
Summary
CVE-2020-26624 is a SQL injection vulnerability affecting Gila CMS versions 1.15.4 and older. An attacker can exploit this issue by inputting malicious SQL code through the ID parameter in the login portal, granting unauthorized access and enabling the execution of arbitrary web scripts. This vulnerability poses a significant risk to websites using the affected CMS version and requires immediate patching to prevent potential data breaches or unauthorized access.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Gilacms Gila Cms
Affected Vendors
- Gilacms