Gibbon LMS 漏洞列表

共找到 1 个与 Gibbon LMS 相关的漏洞

📅 加载漏洞趋势中...

CVE-2023-45878: Gibbon LMS <= v25.0.01 - File Upload to RCE POC

日期: 2025-08-01 | 影响软件: Gibbon LMS

Gibbon LMS versions 25.0.1 and earlier are vulnerable to an Arbitrary File Upload that can lead to Remote Code Execution (RCE). The issue stems from the rubrics_visualise_saveAjax.php endpoint, which, notably, does not require authentication. Because of this, unauthenticated attackers could potentially upload malicious PHP files and execute arbitrary code on the server.