Vulnerabilities > Gambio > Gambio GX > 4.0.0.0

DATE CVE VULNERABILITY TITLE RISK
2020-07-28 CVE-2020-10985 Cross-site Scripting vulnerability in Gambio GX 4.0.0.0
Gambio GX before 4.0.1.0 allows XSS in admin/coupon_admin.php.
network
gambio CWE-79
3.5
3.5
2020-07-28 CVE-2020-10984 Cross-Site Request Forgery (CSRF) vulnerability in Gambio GX 4.0.0.0
Gambio GX before 4.0.1.0 allows admin/admin.php CSRF.
network
gambio CWE-352
6.8
6.8
2020-07-28 CVE-2020-10983 SQL Injection vulnerability in Gambio GX 4.0.0.0
Gambio GX before 4.0.1.0 allows SQL Injection in admin/mobile.php.
network
low complexity
gambio CWE-89
4.0
4.0
2020-07-28 CVE-2020-10982 SQL Injection vulnerability in Gambio GX 4.0.0.0
Gambio GX before 4.0.1.0 allows SQL Injection in admin/gv_mail.php.
network
low complexity
gambio CWE-89
4.0
4.0