Lucene search
MitreVULNRICHMENT:CVE-2024-24725HistoryMar 23, 2024 - 12:00 a.m.
CVE-2024-24725
2024-03-2300:00:00
mitre
github.com
1
gibbon
php deserialization
import_run.php
AI Score
6.6
Confidence
Low
EPSS
0.416
Percentile
97.4%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:gibbonedu:gibbon:*:*:*:*:*:*:*:*"
],
"vendor": "gibbonedu",
"product": "gibbon",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "26.0.0"
}
],
"defaultStatus": "unknown"
}
]Related
cvelist
cvelist
CVE-2024-24725
2024-03-23 00:00:00
cve
cve
CVE-2024-24725
2024-03-23 23:15:07
exploitdb
exploitdb
Gibbon LMS < v26.0.00 - Authenticated RCE
2024-03-18 00:00:00
packetstorm
packetstorm
Gibbon School Platform 26.0.00 Remote Code Execution
2024-04-05 00:00:00
Gibbon LMS 26.0.00 PHP Deserialization / Code Execution
2024-03-19 00:00:00
zdt
zdt
Gibbon School Platform Authenticated PHP Deserialization Exploit
2024-04-12 00:00:00
Gibbon LMS < v26.0.00 - Authenticated Remote Code Execution Exploit
2024-03-18 00:00:00
metasploit
metasploit
Gibbon School Platform Authenticated PHP Deserialization Vulnerability
2024-04-01 14:49:10
nvd
nvd
CVE-2024-24725
2024-03-23 23:15:07
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up 04/12/24
2024-04-12 17:47:11
AI Score
6.6
Confidence
Low
EPSS
0.416
Percentile
97.4%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-24725