[et_pb_section fb_built=\"1\" _builder_version=\"4.21.0\" _module_preset=\"default\" background_color=\"#2E353D\" custom_padding=\"||0px|||\" global_colors_info=\"{}\"][et_pb_row _builder_version=\"4.21.0\" _module_preset=\"default\" global_colors_info=\"{}\"][et_pb_column type=\"4_4\" _builder_version=\"4.21.0\" _module_preset=\"default\" global_colors_info=\"{}\"][et_pb_text _builder_version=\"4.23.4\" _module_preset=\"default\" custom_padding=\"||13px|||\" global_colors_info=\"{}\"]<\/p>\n
Product<\/strong>: Gambio Gambio is software designed for running online shops. According to their homepage, the software is used by more than 25.000 shops.<\/p>\n The \/shop.php<\/strong> endpoint is vulnerable to a SQL Injection in the modifiers[attribute][]<\/strong> parameter.<\/p>\n Note:<\/strong> Upon discovery, our team immediately initiated the responsible disclosure process by contacting the vendor behind Gambio. The SQL Injection is error-based and can be triggered using a GET request to the following endpoint:<\/p>\n Use prepared statements.<\/p>\n This security vulnerability was identified by Christian Poeschl and Lukas Schraven of usd AG.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":" usd-2023-0047 | Gambio 4.9.2.0 - SQL-Injection Product: GambioAffected Version: 4.9.2.0Vulnerability Type: CWE-89 - SQL InjectionSecurity Risk: CriticalVendor URL: https:\/\/www.gambio.de\/Vendor Status: FixedCVE Number: CVE-2024-23763 Description Gambio is software designed for running online shops.It provides various features and tools to help businesses manage their inventory, process orders, and handle customer interactions. According to their homepage, the software […]<\/p>\n","protected":false},"author":115,"featured_media":0,"parent":16124,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","inline_featured_image":false,"footnotes":""},"class_list":["post-22060","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/herolab.usd.de\/en\/wp-json\/wp\/v2\/pages\/22060","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/herolab.usd.de\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/herolab.usd.de\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/herolab.usd.de\/en\/wp-json\/wp\/v2\/users\/115"}],"replies":[{"embeddable":true,"href":"https:\/\/herolab.usd.de\/en\/wp-json\/wp\/v2\/comments?post=22060"}],"version-history":[{"count":5,"href":"https:\/\/herolab.usd.de\/en\/wp-json\/wp\/v2\/pages\/22060\/revisions"}],"predecessor-version":[{"id":22359,"href":"https:\/\/herolab.usd.de\/en\/wp-json\/wp\/v2\/pages\/22060\/revisions\/22359"}],"up":[{"embeddable":true,"href":"https:\/\/herolab.usd.de\/en\/wp-json\/wp\/v2\/pages\/16124"}],"wp:attachment":[{"href":"https:\/\/herolab.usd.de\/en\/wp-json\/wp\/v2\/media?parent=22060"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
Affected Version<\/strong>: 4.9.2.0
Vulnerability Type<\/strong>: CWE-89 - SQL Injection
Security Risk<\/strong>: Critical
Vendor URL<\/strong>: https:\/\/www.gambio.de\/<\/a>
Vendor Status<\/strong>: Fixed
CVE Number<\/strong>: CVE-2024-23763<\/p>\nDescription<\/h3>\n
It provides various features and tools to help businesses manage their inventory, process orders, and handle customer interactions.<\/p>\n
Unfortunately, despite multiple attempts, our attempts to engage the vendor in resolving this issue have been met with silence.
The vulnerability is still unfixed.<\/p>\nProof of Concept<\/h3>\n
<\/span>\/shop.php?do=CheckStatus\/Attributes&galleryHash=dddd&modifiers%5Battribute%5D%5B4%5D=9'&products_id=2&products_qty=1&target=cart&isProductInfo=1&page_token=<\/pre>\n<\/div>\nFix<\/h3>\n
References<\/h3>\n
\n
Timeline<\/h3>\n
\n
Credits<\/h3>\n