Vulnerability in N/a

CVE-2020-5515

Gila CMS 1.11.8 allows /admin/sql?query= SQL Injection.

EPSS: 0.624 (98.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

infosecdb.wordpress.com/2020/01/05/gilacms-1-11-8-admin-sqlquery-sql-injection/ (x_refsource_MISC)
packetstormsecurity.com/files/158114/Gila-CMS-1.11.8-SQL-Injection.html (x_refsource_MISC)
packetstormsecurity.com/files/158140/Gila-CMS-1.1.18.1-SQL-Injection-Shell-Uplo… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-5515?: CVE-2020-5515 is a vulnerability in N/a. Published 2020-01-06.
Is CVE-2020-5515 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.