VYPR
Unrated severityNVD Advisory· Published Mar 23, 2024· Updated Aug 27, 2024

CVE-2024-24725

CVE-2024-24725

Description

Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Gibbon/Gibboncpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <=26.0.00

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.