2 matches found
CVE-2023-45880
GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathname and extension. This allows creation of PHP files outside of the uploads...
Gibbon Security Vulnerabilities
Gibbon is a school platform that solves real-world problems that educators encounter every day. A security vulnerability exists in GibbonEdu Gibbon version 25.0.0 that stems from the presence of a directory traversal vulnerability. An attacker can exploit the vulnerability by setting the...