Gibbonedu Gibbon
4 CVEs affecting Gibbonedu Gibbon. Latest disclosed: 2026-05-09. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-26211 | Low | 3.7 | 2025-05-27 | Gibbon before 29.0.00 allows CSRF. |
CVE-2026-8209 | | 2026-05-09 | Gibbon versions before v30.0.01 are affected by a path traversal vulnerability resulting in DOS by attempting extraction of web application PHP files, failed… | |
CVE-2026-8208 | | 2026-05-09 | Gibbon versions before v30.0.01 are affected by a local file inclusion vulnerability resulting in RCE by changing the report archive directory and forcing inte… | |
CVE-2026-8207 | | 2026-05-09 | Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing https://github.com/GibbonEdu/cor… |