Lucene search
K

4 matches found

OSV
OSV
added 2021/03/03 8:15 p.m.23 views

UBUNTU-CVE-2021-21313

GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability in the /ajax/common.tabs.php endpoint, indeed, at least two parameters target and id are not...

6.1CVSS7.1AI score0.00919EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2015/04/14 6:59 p.m.5 views

CVE-2014-8360

Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote attackers to include and execute arbitrary local files via a .. dot dot underscore in an item type to the getItemForItemtype, as demonstrated by the itemtype parameter in ajax/common.tabs.php...

7.5CVSS6AI score0.02845EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2015/04/14 6:59 p.m.25 views

CVE-2014-8360

Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote attackers to include and execute arbitrary local files via a .. dot dot underscore in an item type to the getItemForItemtype, as demonstrated by the itemtype parameter in ajax/common.tabs.php...

7.5CVSS6AI score0.02845EPSS
Exploits0References3
OSV
OSV
added 2015/04/14 6:59 p.m.9 views

UBUNTU-CVE-2014-8360

Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote attackers to include and execute arbitrary local files via a .. dot dot underscore in an item type to the getItemForItemtype, as demonstrated by the itemtype parameter in ajax/common.tabs.php...

7.5CVSS6AI score0.02845EPSS
Exploits0References4
Rows per page
Query Builder