CVE-2024-24725 | Gibbon up to 26.0.00 POST Request import_run.php&type=externalAssessment&step=4 columnOrder deserialization (Exploit 51903 / EDB-51903)

Posted by Angelo Barbosa | Mar 24, 2024 | CVE

A vulnerability was found in Gibbon up to 26.0.00. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file modules/System%20Admin/import_run.php&type=externalAssessment&step=4 of the component POST Request Handler. The manipulation of the argument columnOrder leads to deserialization.

This vulnerability is known as CVE-2024-24725. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-24725 | Gibbon up to 26.0.00 POST Request import_run.php&type=externalAssessment&step=4 columnOrder deserialization (Exploit 51903 / EDB-51903)

Related Posts

CVE-2024-27184 | Joomla CMS up to 3.10.16/4.4.6/5.1.2 URL redirect

CVE-2024-30302 | Adobe Acrobat Reader up to 20.005.30539/23.008.20470 use after free (apsb24-07)

CVE-2023-6464 | SourceCodester User Registration and Login System 1.0 /endpoint/add-user.php user sql injection

CVE-2024-35633 | CreativeThemes Blocksy Companion Plugin up to 2.0.42 on WordPress server-side request forgery