2 matches found
Exploit for Cross-site Scripting in Gibbonedu Gibbon
CVE-2024-34831 XSS Vulnerability in GibbonEdu Core v26.0.00 le...
Static Code Injection in gibbonedu/core
Description The file export.php accepts a directory in the q parameter. We can upload a txt file in the server with our php exploit on it and pass its location in the q parameter, then the php exploit in the uploaded txt file will be executed Proof of Concept 1. Upload a txt file. Inside the txt...