Home

Description

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shell_exec() to run system commands by sending crafted requests to the admin endpoint.

PUBLISHED Reserved 2026-01-18 | Published 2026-01-27 | Updated 2026-01-27 | Assigner VulnCheck




CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Product status

Any version before 2.0.0
affected

Credits

Enesdex finder

References

www.exploit-db.com/exploits/49412 (ExploitDB-49412) exploit

gilacms.com/ (Official Vendor Homepage) product

github.com/GilaCMS/gila (Gila CMS GitHub Repository) product

www.vulncheck.com/advisories/gila-cms-remote-code-execution (VulnCheck Advisory: Gila CMS < 2.0.0 - Remote Code Execution) third-party-advisory

cve.org (CVE-2021-47900)

nvd.nist.gov (CVE-2021-47900)

Download JSON