Lukas Schraven

**Name of the Vulnerable Software and Affected Versions** Gambio versions through 4.9.2.0 **Description** The issue allows attackers to run arbitrary code via the `search` parameter of the "Parcelshopfinder/AddAddressBookEntry" function. This is due to the deserialization of untrusted data. **Recommendations** For versions through 4.9.2.0, as a temporary workaround, consider restricting access to the "Parcelshopfinder/AddAddressBookEntry" function until a patch is available. Avoid using the `search` parameter in this function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Gambio version 4.9.2.0 **Description** The issue allows attackers to obtain sensitive information via `error-handler.log.json` and `legacy-error-handler.log.txt` under the webroot. This is due to cleartext storage of sensitive information in Gambio. **Recommendations** For Gambio version 4.9.2.0, consider restricting access to the `error-handler.log.json` and `legacy-error-handler.log.txt` files under the webroot to minimize the risk of exploitation. As a temporary workaround, consider removing or securing these log files until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Gambio version 4.9.2.0 **Description** The issue allows attackers to run arbitrary code via crafted smarty email template. This is a Server Side Template Injection in Gambio. **Recommendations** For Gambio version 4.9.2.0, as a temporary workaround, consider disabling the use of crafted smarty email templates until a patch is available. Restrict access to the email template functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Gambio version 4.9.2.0 **Description** The issue allows attackers to execute arbitrary code via the upload of a crafted PHP file, exploiting an Unrestricted File Upload vulnerability in the Content Manager feature. **Recommendations** For Gambio version 4.9.2.0, consider disabling the Content Manager feature until a patch is available to prevent the upload of malicious files. Restrict access to the file upload functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Gambio versions 4.9.2.0 and earlier **Description** The issue allows attackers to run arbitrary SQL commands via a crafted GET request using the `modifiers[attribute][]` parameter. This enables attackers to potentially extract or modify sensitive data. The estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited. **Recommendations** For versions 4.9.2.0 and earlier, consider disabling the `modifiers[attribute][]` parameter in GET requests until a patch is available. Restrict access to sensitive data to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.