Gambio Gx
Monthly
Gambio GX before 4.0.1.0 allows XSS in admin/coupon_admin.php. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Gambio GX before 4.0.1.0 allows admin/admin.php CSRF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Gambio GX before 4.0.1.0 allows SQL Injection in admin/mobile.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Gambio GX before 4.0.1.0 allows SQL Injection in admin/gv_mail.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Gambio GX before 4.0.1.0 allows XSS in admin/coupon_admin.php. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Gambio GX before 4.0.1.0 allows admin/admin.php CSRF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Gambio GX before 4.0.1.0 allows SQL Injection in admin/mobile.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Gambio GX before 4.0.1.0 allows SQL Injection in admin/gv_mail.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.