2694 matches found
CVE-2025-59935
GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.21, an unauthenticated user can store an XSS payload through the inventory endpoint. Users should upgrade to 10.0.21 to receive a patch...
CVE-2025-59935 GLPI Vulnerable to Unauthenticated Stored XSS on the Inventory page
GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.21, an unauthenticated user can store an XSS payload through the inventory endpoint. Users should upgrade to 10.0.21 to receive a patch...
CVE-2025-59935 GLPI Vulnerable to Unauthenticated Stored XSS on the Inventory page
GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.21, an unauthenticated user can store an XSS payload through the inventory endpoint. Users should upgrade to 10.0.21 to receive a patch...
CVE-2025-59935
GLPI (asset/IT management software) is affected by CVE-2025-59935. In GLPI versions 10.0.0 up to, but not including, 10.0.21, an unauthenticated user can store an XSS payload via the inventory endpoint. The vulnerability is triggered by submitting crafted input to inventory-related requests, allo...
CVE-2025-59935 GLPI Vulnerable to Unauthenticated Stored XSS on the Inventory page
GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.21, an unauthenticated user can store an XSS payload through the inventory endpoint. Users should upgrade to 10.0.21 to receive a patch...
PT-2025-51790
Name of the Vulnerable Software and Affected Versions GLPI versions 9.1.0 through 10.0.20 Description An unauthorized user with API access can read all knowledge base entries. The issue affects GLPI versions 9.1.0 and prior to 10.0.21. The affected API allows unauthorized access to knowledge base...
GLPI 跨站脚本漏洞
GLPI is an open source IT and asset management software from GLPI Open Source. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...
PT-2025-51739
Name of the Vulnerable Software and Affected Versions GLPI versions 10.0.0 through 10.0.20 Description GLPI is an asset and IT management software package. An unauthenticated user can store a cross-site scripting XSS payload through the inventory endpoint. Recommendations Upgrade to version 10.0....
CVE-2025-53360
pluginsGLPI's Database Inventory Plugin "manages" the Teclib' inventory agents in order to perform an inventory of the databases present on the workstation. In versions prior to 1.0.3, any authenticated user could send requests to agents. This issue has been patched in version 1.0.3...
PT-2025-47334
Name of the Vulnerable Software and Affected Versions pluginsGLPI Database Inventory Plugin versions prior to 1.0.3 Description The Database Inventory Plugin for pluginsGLPI manages Teclib' inventory agents to inventory databases on workstations. Prior to version 1.0.3, any authenticated user cou...
CVE-2025-32786
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1...
CVE-2025-32786 GLPI Inventory Plugin is Vulnerable to Unauthenticated SQL Injection
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1...
CVE-2025-32786 GLPI Inventory Plugin is Vulnerable to Unauthenticated SQL Injection
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1...
CVE-2025-32786 GLPI Inventory Plugin is Vulnerable to Unauthenticated SQL Injection
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1...
GLPI Inventory Plugin SQL注入漏洞
GLPI Inventory Plugin is an open source plugin for GLPI France. It is used to handle various types of tasks for GLPI agents. A SQL injection vulnerability exists in GLPI Inventory Plugin 1.5.0 and prior versions, which stems from user input that is not adequately validated and escaped, and could...
EUVD-2020-7254
Malware in sbrugna...
EUVD-2020-26461
Malware in sbrugna...
EUVD-2021-26808
Malware in sbrugna...
EUVD-2011-2698
Malware in sbrugna...
EUVD-2018-4999
Malware in sbrugna...