31 matches found
GLPI Inventory Plugin SQL注入漏洞
GLPI Inventory Plugin is an open-source plugin developed by French company GLPI. It is used to process various types of tasks for the GLPI agent. Versions of the GLPI Inventory Plugin prior to 1.6.6 contained a SQL injection vulnerability, which stems from improper handling of user input,...
CVE-2026-26001
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, non sanitized user input can lend to an SQL injection from reports, with adequate rights. This vulnerability is fixed in 1.6.6...
CVE-2026-26001 GLPI Inventory Plugin has SQL Injection on dropdown_calendar Report
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, non sanitized user input can lend to an SQL injection from reports, with adequate rights. This vulnerability is fixed in 1.6.6...
CVE-2026-26001 GLPI Inventory Plugin has SQL Injection on dropdown_calendar Report
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, non sanitized user input can lend to an SQL injection from reports, with adequate rights. This vulnerability is fixed in 1.6.6...
CVE-2026-26001 GLPI Inventory Plugin has SQL Injection on dropdown_calendar Report
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, non sanitized user input can lend to an SQL injection from reports, with adequate rights. This vulnerability is fixed in 1.6.6...
CVE-2026-26001
CVE-2026-26001 affects the GLPI Inventory Plugin. The vulnerability is an SQL injection in the dropdown_calendar report, caused by non-sanitized user input prior to version 1.6.6. The issue allows an attacker with adequate rights to influence the database query (impacting confidentiality; integri...
CVE-2026-25590
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, there is a reflected XSS vulnerability in task jobs. This vulnerability is fixed in 1.6.6...
CVE-2026-25590 GLPI Inventory Plugin has Reflected XSS in task jobs
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, there is a reflected XSS vulnerability in task jobs. This vulnerability is fixed in 1.6.6...
CVE-2026-25590 GLPI Inventory Plugin has Reflected XSS in task jobs
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, there is a reflected XSS vulnerability in task jobs. This vulnerability is fixed in 1.6.6...
CVE-2025-32786
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1...
CVE-2025-32786 GLPI Inventory Plugin is Vulnerable to Unauthenticated SQL Injection
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1...
CVE-2025-32786 GLPI Inventory Plugin is Vulnerable to Unauthenticated SQL Injection
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1...
GLPI Inventory Plugin SQL注入漏洞
GLPI Inventory Plugin is an open source plugin for GLPI France. It is used to handle various types of tasks for GLPI agents. A SQL injection vulnerability exists in GLPI Inventory Plugin 1.5.0 and prior versions, which stems from user input that is not adequately validated and escaped, and could...
EUVD-2025-6436
Malicious code in bioql PyPI...
EUVD-2025-14843
Malicious code in bioql PyPI...
CVE-2025-27147
The GLPI Inventory Plugin handles various types of tasks for GLPI agents, including network discovery and inventory SNMP, software deployment, VMWare ESX host remote inventory, and data collection files, Windows registry, WMI. Versions prior to 1.5.0 have an improper access control vulnerability...
GLPI Inventory Plugin Unauthenticated Blind Boolean SQLi
GLPI use auxiliary/gather/glpiinventorypluginunauthsqli msf auxiliaryglpiinventorypluginunauthsqli show actions ...actions... msf auxiliaryglpiinventorypluginunauthsqli set ACTION msf auxiliaryglpiinventorypluginunauthsqli show options ...show and set options... msf...
CVE-2025-27147
The GLPI Inventory Plugin handles various types of tasks for GLPI agents, including network discovery and inventory SNMP, software deployment, VMWare ESX host remote inventory, and data collection files, Windows registry, WMI. Versions prior to 1.5.0 have an improper access control vulnerability...
CVE-2025-27147 GLPI Inventory plugin has Improper Access Control Vulnerability
The GLPI Inventory Plugin handles various types of tasks for GLPI agents, including network discovery and inventory SNMP, software deployment, VMWare ESX host remote inventory, and data collection files, Windows registry, WMI. Versions prior to 1.5.0 have an improper access control vulnerability...
CVE-2025-27147 GLPI Inventory plugin has Improper Access Control Vulnerability
The GLPI Inventory Plugin handles various types of tasks for GLPI agents, including network discovery and inventory SNMP, software deployment, VMWare ESX host remote inventory, and data collection files, Windows registry, WMI. Versions prior to 1.5.0 have an improper access control vulnerability...