Description

GibbonEdu Gibbon through version 25.0.0 allows Directory Traversal via the report template builder. An attacker can create a new Asset Component. The templateFileDestination parameter can be set to an arbitrary pathname (and extension). This allows creation of PHP files outside of the uploads directory, directly in the webroot.

Remediation

References

CVE-2023-45880

Related Vulnerabilities

LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-29710)

Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4667)

WordPress Plugin ZoomSounds-WordPress Wave Audio Player with Playlist Directory Traversal (6.45)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-0123)

WordPress 4.1.x Same Origin Method Execution (SOME) Vulnerability (4.1 - 4.1.10)

Severity

High

Classification

CVE-2023-45880 CWE-22 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities