19 matches found
CVE-2023-31056
CloverDX before 5.17.3 writes passwords to the audit log in certain situations, if the audit log is enabled and single sign-on is not employed. The fixed versions are 5.15.4, 5.16.2, 5.17.3, and 6.0.x...
EUVD-2022-31056
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-31056
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected version...
CVE-2025-31056
creationtimestamp| type| source ---|---|--- 2025-05-23 14:06:40+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17389...
libxml2 security update
2.9.7-18.1 - Fix CVE-2024-25062 RHEL-31056...
CVE-2023-31056
creationtimestamp| type| source ---|---|--- 2023-04-24 07:14:04+00:00| seen| https://t.me/cibsecurity/62678...
CVE-2023-31056
CloverDX before 5.17.3 writes passwords to the audit log in certain situations, if the audit log is enabled and single sign-on is not employed. The fixed versions are 5.15.4, 5.16.2, 5.17.3, and 6.0.x...
CVE-2023-31056
CVE-2023-31056 affects CloverDX prior to 5.17.3. The issue causes passwords to be written to the audit log when the audit log is enabled and single sign-on is not used, exposing credentials (information disclosure). Fixed versions are 5.15.4, 5.16.2, 5.17.3, and 6.0.x. Exploitation details are no...
CVE-2023-31056
CloverDX before 5.17.3 writes passwords to the audit log in certain situations, if the audit log is enabled and single sign-on is not employed. The fixed versions are 5.15.4, 5.16.2, 5.17.3, and 6.0.x...
GLPI v10.0.2 - SQL Injection (Authentication Depends on Configuration) Vulnerability
ADVISORY INFORMATION Exploit Title: GLPI v10.0.2 - SQL Injection Authentication Depends on Configuration Application: GLPI =10.0.0, 10.0.3 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...
GLPI 10.0.2 SQL Injection / Remote Code Execution
ADVISORY INFORMATION Exploit Title: GLPI v10.0.2 - SQL Injection Authentication Depends on Configuration Date of found: 11 Jun 2022 Application: GLPI =10.0.0, 10.0.3 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...
GLPI v10.0.2 - SQL Injection (Authentication Depends on Configuration)
ADVISORY INFORMATION Exploit Title: GLPI v10.0.2 - SQL Injection Authentication Depends on Configuration Date of found: 11 Jun 2022 Application: GLPI =10.0.0, 10.0.3 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...
CVE-2022-31056
creationtimestamp| type| source ---|---|--- 2022-06-28 22:42:33+00:00| seen| https://t.me/cibsecurity/45327...
CVE-2022-31056
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all assistance forms Ticket/Change/Problem permit sql injection on the actor fields. This issue has been resolved in version 10.0.2 and...
CVE-2022-31056 SQL injection with _actor parameter in GLPI
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all assistance forms Ticket/Change/Problem permit sql injection on the actor fields. This issue has been resolved in version 10.0.2 and...
CVE-2022-31056 SQL injection with _actor parameter in GLPI
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all assistance forms Ticket/Change/Problem permit sql injection on the actor fields. This issue has been resolved in version 10.0.2 and...
CVE-2022-31056
GLPI prior to 10.0.2 is affected by a SQL injection in the actor field across Help forms (Ticket/Change/Problem). The underlying issue is lack of validation of external input in those actor fields, enabling potentially unauthorized SQL commands. The vulnerability is fixed in GLPI version 10.0.2; ...
CVE-2021-31056
...
CVE-2021-31056
This CVE-2021-31056 entry is rejected/not used and does not represent an active vulnerability.