all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Gambio Online Webshop 4.9.2.0 Remote Code Execution

Add to bookmarks
April 23, 2024, 3:50 p.m. |

Packet Storm packetstormsecurity.com

A remote code execution vulnerability in Gambio online webshop versions 4.9.2.0 and below allows remote attackers to run arbitrary commands via an unauthenticated HTTP POST request. The identified vulnerability within Gambio pertains to an insecure deserialization flaw, which ultimately allows an attacker to execute remote code on affected systems. The insecure deserialization vulnerability in Gambio poses a significant risk to affected systems. As it allows remote code execution, adversaries could exploit this flaw to execute arbitrary commands, potentially resulting in …

attacker attackers code code execution deserialization execute remote code flaw http insecure remote code remote code execution request run systems ultimately unauthenticated vulnerability

Visit resource

More from packetstormsecurity.com / Packet Storm

Ubuntu Security Notice USN-6757-2 23 hours ago | packetstormsecurity.com
arbitrary code attacker code crash +16
Ubuntu Security Notice USN-6762-1 23 hours ago | packetstormsecurity.com
arbitrary code attacker attackers code +15
SOPlanning 1.52.00 SQL Injection 23 hours ago | packetstormsecurity.com
injection php projects sql +5
SOPlanning 1.52.00 Cross Site Request Forgery 23 hours ago | packetstormsecurity.com
forgery php request version +2
SOPlanning 1.52.00 Cross Site Scripting 23 hours ago | packetstormsecurity.com
cross site scripting php scripting version +2
Red Hat Security Advisory 2024-2679-03 23 hours ago | packetstormsecurity.com
advisory enterprise free linux +7
Red Hat Security Advisory 2024-2674-03 23 hours ago | packetstormsecurity.com
advisory enterprise kernel linux +5
Red Hat Security Advisory 2024-2071-03 23 hours ago | packetstormsecurity.com
advisory bugs container fix +10
Red Hat Security Advisory 2024-2068-03 23 hours ago | packetstormsecurity.com
advisory bugs container denial of service +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

QA Customer Response Engineer

@ ORBCOMM | Sterling, VA Office, Sterling, VA, US
View on infosec-jobs.com

Enterprise Security Architect

@ Booz Allen Hamilton | USA, TX, San Antonio (3133 General Hudnell Dr) Client Site
View on infosec-jobs.com

DoD SkillBridge - Systems Security Engineer (Active Duty Military Only)

@ Sierra Nevada Corporation | Dayton, OH - OH OD1
View on infosec-jobs.com

Senior Development Security Analyst (REMOTE)

@ Oracle | United States
View on infosec-jobs.com

Software Engineer - Network Security

@ Cloudflare, Inc. | Remote
View on infosec-jobs.com

Software Engineer, Cryptography Services

@ Robinhood | Toronto, ON
View on infosec-jobs.com
View more jobs