Lucene search
K

10 matches found

GithubExploit
GithubExploit
added 2025/09/16 12:52 p.m.237 views

Exploit for SQL Injection in Glpi-Project Glpi

CVE-2025-247...

9.8CVSS7AI score0.86182EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-24799

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. An unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability ...

9.8CVSS5.6AI score0.86182EPSS
Exploits5References2
VulnCheck KEV
VulnCheck KEV
added 2025/04/17 12:0 a.m.8 views

VulnCheck KEV: CVE-2025-24799

GLPI is a free asset and IT management software package. An unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 10.0.18...

9.8CVSS5.9AI score0.86182EPSS
Exploits5References1
GithubExploit
GithubExploit
added 2025/04/15 4:57 a.m.398 views

Exploit for SQL Injection in Glpi-Project Glpi

Exploit-CVE-2025-24799 CVE-2025-24799 Exploit: GLPI - Unauthen...

9.8CVSS6.3AI score0.86182EPSS
Exploits5
GithubExploit
GithubExploit
added 2025/04/03 4:55 p.m.492 views

Exploit for SQL Injection in Glpi-Project Glpi

CVE-2025-24799 SQLi Scanner A fast SQL injection vulnerabilit...

9.8CVSS6.5AI score0.86182EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2025/03/20 7:18 p.m.10 views

CVE-2025-24799

GLPI is a free asset and IT management software package. An unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 10.0.18...

9.8CVSS8AI score0.86182EPSS
Exploits5References1
UbuntuCve
UbuntuCve
added 2025/03/18 7:15 p.m.28 views

CVE-2025-24799

GLPI is a free asset and IT management software package. An unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 10.0.18...

9.8CVSS6.5AI score0.86182EPSS
Exploits5References1
CVE
CVE
added 2025/03/18 6:27 p.m.238 views

CVE-2025-24799

GLPI pre-auth SQL injection in the Inventory feature affects versions up to 10.0.17 due to insufficient sanitization of XML input in handleAgent, where SimpleXMLElement objects can bypass dbEscapeRecursive and allow arbitrary SQL via the inventory endpoint. Impact: unauthenticated access to data....

9.8CVSS7.9AI score0.86182EPSS
In wildExploits5References1Affected Software1
Cvelist
Cvelist
added 2025/03/18 6:27 p.m.34 views

CVE-2025-24799 GLPI allows unauthenticated SQL injection through the inventory endpoint

GLPI is a free asset and IT management software package. An unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 10.0.18...

7.5CVSS0.86182EPSS
Exploits5References1
Circl
Circl
added 2025/03/12 10:58 a.m.84 views

CVE-2025-24799

creationtimestamp| type| source ---|---|--- 2025-03-12 10:58:14+00:00| seen| https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lk6geieskt2j 2025-03-12 11:30:36+00:00| seen| https://bsky.app/profile/buherator.bsky.social/post/3lk6i6evc3a2c 2025-03-12 12:09:32+00:00| seen|...

9.8CVSS6.3AI score0.86182EPSS
In wildExploits5References39
Rows per page
Query Builder