Lucene search
+L

11 matches found

seebug
seebug
added 2014/07/01 12:0 a.m.84 views

GLPI install.php Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

6.8CVSS0.3AI score0.07855EPSS
Exploits11
checkpoint_advisories
checkpoint_advisories
added 2013/12/29 12:0 a.m.51 views

GLPI install.php Remote Command Execution (CVE-2013-5696)

A command execution vulnerability has been reported in GLPI...

6.6AI score0.07855EPSS
Exploits11
exploitpack
exploitpack
added 2013/10/02 12:0 a.m.81 views

GLPI 0.84.1 - Multiple Vulnerabilities

GLPI 0.84.1 - Multiple Vulnerabilities Advisory ID: HTB23173 Product: GLPI Vendor: INDEPNET Vulnerable Versions: 0.84.1 and probably prior Tested Version: 0.84.1 Advisory Publication: September 11, 2013 without technical details Vendor Notification: September 11, 2013 Vendor Patch: September 12,...

6.8CVSS0.4AI score0.07855EPSS
Exploits11
zdt
zdt
added 2013/10/02 12:0 a.m.79 views

GLPI 0.84.1 - Multiple Vulnerabilities

GLPI version 0.84.1 suffers from improper access control bypass and PHP code injection vulnerabilities. Product: GLPI Vendor: INDEPNET Vulnerable Versions: 0.84.1 and probably prior Tested Version: 0.84.1 Advisory Publication: September 11, 2013 without technical details Vendor Notification:...

6.8CVSS0.9AI score0.07855EPSS
Exploits11
exploitdb
exploitdb
added 2013/10/02 12:0 a.m.80 views

GLPI 0.84.1 - Multiple Vulnerabilities

Advisory ID: HTB23173 Product: GLPI Vendor: INDEPNET Vulnerable Versions: 0.84.1 and probably prior Tested Version: 0.84.1 Advisory Publication: September 11, 2013 without technical details Vendor Notification: September 11, 2013 Vendor Patch: September 12, 2013 Public Disclosure: October 2, 2013...

6.8CVSS6.4AI score0.07855EPSS
Exploits11
nessus
nessus
added 2013/09/26 12:0 a.m.39 views

Mandriva Linux Security Advisory : glpi (MDVSA-2013:240)

Updated glpi package fixes security vulnerabilities : Multiple security vulnerabilities due to improper sanitation of user input in GLPI before versions 0.83.9 CVE-2013-2226, 0.83.91 CVE-2013-2225, and 0.84.2 CVE-2013-5696. This update provides GLPI version 0.83.91, with a patch from GLPI 0.84.2,...

7.5CVSS7.2AI score0.07855EPSS
Exploits15References4
cvelist
cvelist
added 2013/09/23 1:0 a.m.41 views

CVE-2013-5696

inc/central.class.php in GLPI before 0.84.2 does not attempt to make install/install.php unavailable after an installation is completed, which allows remote attackers to conduct cross-site request forgery CSRF attacks, and 1 perform a SQL injection via an Etape4 action or 2 execute arbitrary PHP...

8AI score0.07855EPSS
Exploits11References5
cve
cve
added 2013/09/23 1:0 a.m.143 views

CVE-2013-5696

GLPI before 0.84.2 is affected by CVE-2013-5696 due to inc/central.class.php not disabling install.php after installation, enabling CSRF and, via Etape_4 and update_1 actions, potential SQL injection and arbitrary PHP code execution. The CVE is documented with root cause as improper access contro...

6.8CVSS8.1AI score0.07855EPSS
Exploits11References5Affected Software1
exploitdb
exploitdb
added 2013/09/23 12:0 a.m.62 views

GLPI - 'install.php' Remote Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'GLPI install.php Remote Command...

6.8CVSS6.4AI score0.07855EPSS
Exploits11
metasploit
metasploit
added 2013/09/20 8:45 a.m.50 views

GLPI install.php Remote Command Execution

This module exploits an arbitrary command execution vulnerability in the GLPI 'install.php' script. This module is set to ManualRanking due to this module overwriting the target database configuration, which may introduce target instability. This module requires Metasploit:...

6.8CVSS0.9AI score0.07855EPSS
Exploits11
altlinux
altlinux
added 2013/09/20 12:0 a.m.61 views

Security fix for the ALT Linux 9 package glpi version 0.84.2-alt1

Sept. 20, 2013 Pavel Zilke 0.84.2-alt1 - Security fixes: + CVE-2013-5696 : SQL Injection, PHP Code Execution, CSRF...

6.8CVSS7.8AI score0.07855EPSS
Exploits11
Rows per page
Query Builder