6 matches found
CVE-2026-44281
GLPI CVE-2026-44281 affects GLPI versions 0.78 through prior to 10.0.25 and 11.0.7. An authenticated user with config READ permission can read a specific asset object, exposing information. Patch available by upgrading to 10.0.25 or 11.0.7.
CVE-2026-44281 GLPI vulnerable to unauthorized reading of a specific asset object
GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, an authenticated user with config READ permission can read a specific asset object. Upgrade to 11.0.7 or 10.0.25 to receive a patch...
CVE-2026-44281
GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, an authenticated user with config READ permission can read a specific asset object. Upgrade to 11.0.7 or 10.0.25 to receive a patch...
CVE-2026-44281 GLPI vulnerable to unauthorized reading of a specific asset object
GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, an authenticated user with config READ permission can read a specific asset object. Upgrade to 11.0.7 or 10.0.25 to receive a patch...
PT-2026-45960
GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, an authenticated user with config READ permission can read a specific asset object. Upgrade to 11.0.7 or 10.0.25 to receive a patch...
OpenClinic GA web portal multiple SQL injection vulnerabilities in the 'getAssets.jsp' page
Summary Multiple exploitable SQL injection vulnerabilities exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions OpenClinic GA 5.173.3...