KEVIntel

CVE-2023-45878

Status: PUBLISHED

Not yet in CISA KEV

PoC available · Remote · Low complexity · No user interaction

Vendor: GibbonEdu
Product: Gibbon
Published: Nov 14, 2023
Description

GibbonEdu Gibbon version 25.0.1 and earlier allows Arbitrary File Write because rubrics_visualise_saveAjax.phps does not require authentication. The endpoint accepts the img, path, and gibbonPersonID parameters. The img parameter is expected to be a base64 encoded image. If the path parameter is set, the defined path is used as the destination folder, concatenated with the absolute path of the installation directory. The content of the img parameter is base64 decoded and written to the defined file path. This allows an unauthenticated request to create PHP files, which permits unauthenticated Remote Code Execution.

CVSS Scores

CVSS v3.1: 9.8 (Critical)

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitation Status

Proof of concept available

Recorded 2025-03-20 20:57:31 UTC · GitHub

Known Exploited Vulnerability Sources

Catalogues that list this CVE as a known exploited vulnerability.

Source: The Shadowserver (via CIRCL)
First added: 2025-07-21 00:00 UTC

Potential Proof of Concepts

These PoCs are unverified and could contain malware. Use at your own risk.

killercd/CVE-2023-45878
  github · Created 2025-03-20 20:57:31 UTC · 2 stars
  CVE-2023-45878 GibbonEdu Arbitrary File Write

CVE-2023-45878
  nuclei · Created Unknown

Timeline

  • Added to KEVIntel

  • Detected by Nuclei

  • Proof of Concept Exploit Available

  • CVE Published to Public

  • CVE ID Reserved