CVE-2020-28692

In Gila CMS 1.16.0, an attacker can upload a shell to tmp directy and abuse .htaccess through the logs function for executing PHP files.
References
Link Resource
https://github.com/jkana/Gila-CMS-1.16.0-shell-upload Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:gilacms:gila_cms:1.16.0:*:*:*:*:*:*:*

Information

Published : 2020-11-16 06:15

Updated : 2020-11-30 09:05


NVD link : CVE-2020-28692

Mitre link : CVE-2020-28692

Products Affected
No products.
CWE