Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-23763 1 Gambio 1 Gambio 2025-05-07 9.8 Critical
SQL Injection vulnerability in Gambio through 4.9.2.0 allows attackers to run arbitrary SQL commands via crafted GET request using modifiers[attribute][] parameter.
CVE-2024-23759 1 Gambio 1 Gambio 2025-05-07 9.8 Critical
Deserialization of Untrusted Data in Gambio through 4.9.2.0 allows attackers to run arbitrary code via "search" parameter of the Parcelshopfinder/AddAddressBookEntry" function.
CVE-2024-23760 1 Gambio 1 Gambio 2025-03-28 2.7 Low
Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot.
CVE-2024-23762 1 Gambio 1 Gambio 2025-03-18 7.8 High
Unrestricted File Upload vulnerability in Content Manager feature in Gambio 4.9.2.0 allows attackers to execute arbitrary code via upload of crafted PHP file.
CVE-2024-23761 1 Gambio 1 Gambio 2024-11-21 9.8 Critical
Server Side Template Injection in Gambio 4.9.2.0 allows attackers to run arbitrary code via crafted smarty email template.
CVE-2020-10985 1 Gambio 1 Gambio Gx 2024-11-21 4.8 Medium
Gambio GX before 4.0.1.0 allows XSS in admin/coupon_admin.php.
CVE-2020-10984 1 Gambio 1 Gambio Gx 2024-11-21 8.8 High
Gambio GX before 4.0.1.0 allows admin/admin.php CSRF.
CVE-2020-10983 1 Gambio 1 Gambio Gx 2024-11-21 4.9 Medium
Gambio GX before 4.0.1.0 allows SQL Injection in admin/mobile.php.
CVE-2020-10982 1 Gambio 1 Gambio Gx 2024-11-21 4.9 Medium
Gambio GX before 4.0.1.0 allows SQL Injection in admin/gv_mail.php.