CVE-2024-23762

Name of the Vulnerable Software and Affected Versions Gambio version 4.9.2.0

Description The issue allows attackers to execute arbitrary code via the upload of a crafted PHP file, exploiting an Unrestricted File Upload vulnerability in the Content Manager feature.

Recommendations For Gambio version 4.9.2.0, consider disabling the Content Manager feature until a patch is available to prevent the upload of malicious files. Restrict access to the file upload functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.