Posted on Leave a comment

CVE-2019-11515

core/classes/db_backup.php in Gila CMS 1.10.1 allows admin/db_backup?download= absolute path traversal to read arbitrary files.

Leave a Reply

Your email address will not be published. Required fields are marked *