Lucene search
K

25 matches found

RedhatCVE
RedhatCVE
added 2026/05/11 8:26 p.m.9 views

CVE-2026-8209

Gibbon versions before v30.0.01 are affected by a path traversal vulnerability resulting in DOS by attempting extraction of web application PHP files, failed .zip extraction results in deletion of the file and a DOS condition. Successful exploitation requires Teacher or higher privileges...

6.9CVSS5.8AI score0.00293EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/11 8:26 p.m.11 views

CVE-2026-8207

Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing https://github.com/GibbonEdu/core/blob/c431e25fdc874adece5d2dc7e408e9aa2d1abadb/modules/Tracking/graphing.phpL145 feature. Successful exploitation requires Teacher or high...

7CVSS5.9AI score0.00226EPSS
Exploits0References1
NVD
NVD
added 2026/05/09 4:16 a.m.39 views

CVE-2026-8209

Gibbon versions before v30.0.01 are affected by a path traversal vulnerability resulting in DOS by attempting extraction of web application PHP files, failed .zip extraction results in deletion of the file and a DOS condition. Successful exploitation requires Teacher or higher privileges...

6.9CVSS0.00293EPSS
Exploits0References2
NVD
NVD
added 2026/05/09 4:16 a.m.21 views

CVE-2026-8208

Gibbon versions before v30.0.01 are affected by a local file inclusion vulnerability resulting in RCE by changing the report archive directory and forcing interpretation of a user provided .zip as PHP. Successful exploitation requires Teacher or higher privileges. Exploitation could result in...

8.9CVSS0.0032EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/09 3:19 a.m.24 views

EUVD-2026-28899

Gibbon versions before v30.0.01 are affected by a path traversal vulnerability resulting in DOS by attempting extraction of web application PHP files, failed .zip extraction results in deletion of the file and a DOS condition. Successful exploitation requires Teacher or higher privileges...

6.9CVSS5.8AI score0.00293EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/09 3:19 a.m.6 views

CVE-2026-8209

Gibbon versions before v30.0.01 are affected by a path traversal vulnerability resulting in DOS by attempting extraction of web application PHP files, failed .zip extraction results in deletion of the file and a DOS condition. Successful exploitation requires Teacher or higher privileges...

6.9CVSS5.8AI score0.00293EPSS
Exploits0References2
CVE
CVE
added 2026/05/09 3:19 a.m.20 views

CVE-2026-8209

Gibbon before v30.0.01 is affected by a path traversal vulnerability that can cause denial of service via attempting to extract web application PHP files; failed .zip extraction may delete the file and cause downtime. Exploitation requires Teacher or higher privileges and could lead to loss of we...

6.9CVSS5.8AI score0.00293EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/09 3:19 a.m.10 views

CVE-2026-8209

Gibbon versions before v30.0.01 are affected by a path traversal vulnerability resulting in DOS by attempting extraction of web application PHP files, failed .zip extraction results in deletion of the file and a DOS condition. Successful exploitation requires Teacher or higher privileges...

6.9CVSS5.8AI score0.00293EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/09 3:19 a.m.54 views

CVE-2026-8209

Gibbon versions before v30.0.01 are affected by a path traversal vulnerability resulting in DOS by attempting extraction of web application PHP files, failed .zip extraction results in deletion of the file and a DOS condition. Successful exploitation requires Teacher or higher privileges...

6.9CVSS0.00293EPSS
Exploits0References2
NVD
NVD
added 2026/05/09 3:16 a.m.72 views

CVE-2026-8207

Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing https://github.com/GibbonEdu/core/blob/c431e25fdc874adece5d2dc7e408e9aa2d1abadb/modules/Tracking/graphing.phpL145 feature. Successful exploitation requires Teacher or high...

7CVSS0.00226EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/09 2:58 a.m.7 views

CVE-2026-8208

Gibbon versions before v30.0.01 are affected by a local file inclusion vulnerability resulting in RCE by changing the report archive directory and forcing interpretation of a user provided .zip as PHP. Successful exploitation requires Teacher or higher privileges. Exploitation could result in...

8.9CVSS5.8AI score0.0032EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/09 2:58 a.m.12 views

CVE-2026-8208

Gibbon versions before v30.0.01 are affected by a local file inclusion vulnerability resulting in RCE by changing the report archive directory and forcing interpretation of a user provided .zip as PHP. Successful exploitation requires Teacher or higher privileges. Exploitation could result in...

8.9CVSS5.8AI score0.0032EPSS
Exploits0References2
CVE
CVE
added 2026/05/09 2:58 a.m.19 views

CVE-2026-8208

CVE-2026-8208 affects Gibbon prior to v30.0.01. It is a local file inclusion vulnerability that can lead to remote code execution by manipulating the report archive directory and causing a user-supplied .zip to be interpreted as PHP. Exploitation requires Teacher or higher privileges and could co...

8.9CVSS5.8AI score0.0032EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/09 2:58 a.m.18 views

EUVD-2026-28898

Gibbon versions before v30.0.01 are affected by a local file inclusion vulnerability resulting in RCE by changing the report archive directory and forcing interpretation of a user provided .zip as PHP. Successful exploitation requires Teacher or higher privileges. Exploitation could result in...

8.9CVSS5.8AI score0.0032EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/09 2:58 a.m.45 views

CVE-2026-8208

Gibbon versions before v30.0.01 are affected by a local file inclusion vulnerability resulting in RCE by changing the report archive directory and forcing interpretation of a user provided .zip as PHP. Successful exploitation requires Teacher or higher privileges. Exploitation could result in...

8.9CVSS0.0032EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/09 2:41 a.m.8 views

CVE-2026-8207

Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing https://github.com/GibbonEdu/core/blob/c431e25fdc874adece5d2dc7e408e9aa2d1abadb/modules/Tracking/graphing.phpL145 feature. Successful exploitation requires Teacher or high...

7CVSS5.9AI score0.00226EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/09 2:41 a.m.11 views

CVE-2026-8207

Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing https://github.com/GibbonEdu/core/blob/c431e25fdc874adece5d2dc7e408e9aa2d1abadb/modules/Tracking/graphing.phpL145 feature. Successful exploitation requires Teacher or high...

7CVSS5.9AI score0.00226EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/09 2:41 a.m.30 views

EUVD-2026-28880

Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing https://github.com/GibbonEdu/core/blob/c431e25fdc874adece5d2dc7e408e9aa2d1abadb/modules/Tracking/graphing.phpL145 feature. Successful exploitation requires Teacher or high...

7CVSS5.9AI score0.00226EPSS
Exploits0References2
CVE
CVE
added 2026/05/09 2:41 a.m.32 views

CVE-2026-8207

Gibbon up to version 30.0.01 is affected by an authenticated SQL injection via the Tracking/graphing feature in Tracking/graphing.php (line 145). Exploitation requires Teacher or higher privileges and can lead to unintended read/write access to the database. A fix is available in Gibbon v30.0.01;...

7CVSS5.9AI score0.00226EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/09 2:41 a.m.80 views

CVE-2026-8207

Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing https://github.com/GibbonEdu/core/blob/c431e25fdc874adece5d2dc7e408e9aa2d1abadb/modules/Tracking/graphing.phpL145 feature. Successful exploitation requires Teacher or high...

7CVSS0.00226EPSS
Exploits0References2
Rows per page
Query Builder