CVE-2021-37777

Gila CMS 2.2.0 is vulnerable to Insecure Direct Object Reference (IDOR). Thumbnails uploaded by one site owner are visible by another site owner just by knowing the other site name and fuzzing for picture names. This leads to sensitive information disclosure.
References
Link Resource
https://www.navidkagalwalla.com/gila-cms-vulnerabilities Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:gilacms:gila_cms:2.2.0:*:*:*:*:*:*:*

Information

Published : 2021-10-04 02:15

Updated : 2022-05-03 04:04


NVD link : CVE-2021-37777

Mitre link : CVE-2021-37777

Products Affected
No products.
CWE