4 matches found
CVE-2024-24724
Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template Injection leading to Remote Code Execution because input is passed to the Twig template engine messengerSettings.php without sanitization...
CVE-2024-24724
Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template Injection leading to Remote Code Execution because input is passed to the Twig template engine messengerSettings.php without sanitization...
Gibbon 26.0.00 Server-Side Template Injection / Remote Code Execution
Exploit Title: Gibbon LMS has an SSTI vulnerability on the v26.0.00 version Date: 21.01.2024 Exploit Author: SecondX.io Research TeamIslam Rzayev,Fikrat Guliev, Ali Maharramli Vendor Homepage: https://gibbonedu.org/ Software Link: https://github.com/GibbonEdu/core Version: v26.0.00 Tested on:...
Gibbon 26.0.00 Server-Side Template Injection / Remote Code Execution Exploit
Exploit Title: Gibbon LMS has an SSTI vulnerability on the v26.0.00 version Exploit Author: SecondX.io Research TeamIslam Rzayev,Fikrat Guliev, Ali Maharramli Vendor Homepage: https://gibbonedu.org/ Software Link: https://github.com/GibbonEdu/core Version: v26.0.00 Tested on: Ubuntu 22.0 CVE :...