Lucene search
MitreCVELIST:CVE-2013-5696HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-5696
2022-10-0316:14:54
mitre
www.cve.org
inc/central.class.php in GLPI before 0.84.2 does not attempt to make install/install.php unavailable after an installation is completed, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and (1) perform a SQL injection via an Etape_4 action or (2) execute arbitrary PHP code via an update_1 action.
References
www.glpi-project.org/spip.php?page=annonce&id_breve=308
forge.indepnet.net/issues/4480
forge.indepnet.net/projects/glpi/repository/revisions/21753
forge.indepnet.net/projects/glpi/repository/revisions/21753/diff/branches/0.84-bugfixes/inc/central.class.php
www.navixia.com/blog/entry/navixia-finds-critical-vulnerabilities-in-glpi-cve-2013-5696.html
Related
nessus
nessus
Fedora 20 : glpi-0.84.2-1.fc20 (2013-18202)
2013-10-13 00:00:00
Mandriva Linux Security Advisory : glpi (MDVSA-2013:240)
2013-09-26 00:00:00
exploitpack
exploitpack
GLPI 0.84.1 - Multiple Vulnerabilities
2013-10-02 00:00:00
ubuntucve
ubuntucve
CVE-2013-5696
2013-09-23 00:00:00
securityvulns
securityvulns
Remote Code Execution in GLPI
2013-10-02 00:00:00
cve
cve
CVE-2013-5696
2022-10-03 16:14:54
metasploit
metasploit
GLPI install.php Remote Command Execution
2013-09-20 08:45:10
packetstorm
packetstorm
GLPI 0.84.1 Access Control / Code Injection
2013-10-02 00:00:00
GLPI install.php Remote Command Execution
2013-09-20 00:00:00
checkpoint_advisories
checkpoint_advisories
GLPI install.php Remote Command Execution (CVE-2013-5696)
2013-12-29 00:00:00
zdt
zdt
GLPI install.php Remote Command Execution Vulnerability
2013-09-21 00:00:00
GLPI 0.84.1 - Multiple Vulnerabilities
2013-10-02 00:00:00
htbridge
htbridge
Remote Code Execution in GLPI
2013-09-11 00:00:00
dsquare
dsquare
GLPI 0.84.1 RCE
2013-10-04 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: glpi-0.84.2-1.fc20
2013-10-12 04:30:38
altlinux
altlinux
Security fix for the ALT Linux 9 package glpi version 0.84.2-alt1
2013-09-20 00:00:00
Security fix for the ALT Linux 10 package glpi version 0.84.2-alt1
2013-09-20 00:00:00
seebug
seebug
GLPI install.php Remote Command Execution
2014-07-01 00:00:00
prion
prion
Cross site request forgery (csrf)
2013-09-23 03:49:00
nvd
nvd
CVE-2013-5696
2013-09-23 03:49:27
exploitdb
exploitdb
GLPI - 'install.php' Remote Command Execution (Metasploit)
2013-09-23 00:00:00
GLPI 0.84.1 - Multiple Vulnerabilities
2013-10-02 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2013-0288)
2022-01-28 00:00:00
mageia
mageia
Updated glpi package fixes security vulnerabilities
2013-09-20 09:36:48