4 matches found
CVE-2025-26211
Gibbon before 29.0.00 allows CSRF...
CVE-2025-26211
Gibbon before 29.0.00 allows CSRF...
PT-2024-34601 · Gibbon · Gibbon
Name of the Vulnerable Software and Affected Versions: Gibbon versions prior to 28.0.00 Description: The issue allows a remote attacker to obtain sensitive information via the email parameter found in the "/Gibbon/modules/User Admin/user manage editProcess.php" API endpoint. Recommendations: For...
PT-2024-20520 · Gibbon · Gibbon
Name of the Vulnerable Software and Affected Versions: Gibbon versions 26.0.00 and earlier Description: The issue allows remote authenticated users to conduct PHP deserialization attacks via the columnOrder parameter in a POST request to the "/modules/System%20Admin/import...