8 matches found
CVE-2022-34125
front/icon.send.php in the CMDB plugin before 3.0.3 for GLPI allows attackers to gain read access to sensitive information via a log/ pathname in the file parameter...
CVE-2022-34125
creationtimestamp| type| source ---|---|--- 2023-04-16 07:27:21+00:00| seen| https://t.me/cibsecurity/62252...
CVE-2022-34125
front/icon.send.php in the CMDB plugin before 3.0.3 for GLPI allows attackers to gain read access to sensitive information via a log/ pathname in the file parameter...
CVE-2022-34125
front/icon.send.php in the CMDB plugin before 3.0.3 for GLPI allows attackers to gain read access to sensitive information via a log/ pathname in the file parameter...
CVE-2022-34125
GLPI CMDB plugin vulnerability CVE-2022-34125 affects versions prior to 3.0.3 of the CMDB plugin for GLPI. The issue is in front/icon.send.php, where the file parameter can be used with a _log/ pathname to gain read access to sensitive information. Remediation per connected sources is to upgrade ...
GLPI Activity v3.1.0 - Authenticated Local File Inclusion on Activity plugin Vulnerability
Exploit Title: GLPI Activity v3.1.0 - Authenticated Local File Inclusion on Activity plugin Application: GLPI Activity 3.1.0 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/InfotelGLPI/activity Advisory:...
GLPI Activity v3.1.0 - Authenticated Local File Inclusion on Activity plugin
Exploit Title: GLPI Activity v3.1.0 - Authenticated Local File Inclusion on Activity plugin Date of found: 11 Jun 2022 Application: GLPI Activity 3.1.0 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/InfotelGLPI/activity Advisory:...
GLPI Activity Local File Inclusion
Exploit Title: GLPI Activity v3.1.0 - Authenticated Local File Inclusion on Activity plugin Date of found: 11 Jun 2022 Application: GLPI Activity 3.1.0 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/InfotelGLPI/activity Advisory:...