CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2025/05/23 3:50 a.m.•6 views

CVE-2023-45880

GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathname and extension. This allows creation of PHP files outside of the uploads...

7.2CVSS6.9AI score0.00471EPSS

Exploits1

OSV•added 2023/11/14 6:15 a.m.•12 views

CVE-2023-45880

7.2CVSS6.9AI score

Exploits0References1

NVD•added 2023/11/14 6:15 a.m.•6 views

CVE-2023-45880

7.2CVSS0.00471EPSS

Exploits1References1

Prion•added 2023/11/14 6:15 a.m.•14 views

Directory traversal

5.8CVSS7.2AI score0.00471EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/11/14 12:0 a.m.•11 views

CVE-2023-45880

7.2AI score0.00471EPSS

Exploits1References1

Vulnrichment•added 2023/11/14 12:0 a.m.•10 views

CVE-2023-45880

6.9AI score0.00471EPSS

Exploits1References1

CVE•added 2023/11/14 12:0 a.m.•28 views

CVE-2023-45880

GibbonEdu Gibbon (through v25.0.0) is affected by a Directory Traversal via the report template builder. The root cause is the templateFileDestination parameter, which can be set to an arbitrary path and extension, enabling an attacker to write PHP files outside the uploads directory directly int...

7.2CVSS6.9AI score0.00471EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2023/11/13 12:0 a.m.•3 views

PT-2023-29742 · Gibbon · Gibbon

Name of the Vulnerable Software and Affected Versions: GibbonEdu Gibbon versions through 25.0.0 Description: The issue allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathnam...

7.2CVSS6.9AI score0.00471EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by