Lucene search
+L

7 matches found

Packet Storm
Packet Storm
added 2023/10/10 12:0 a.m.572 views

GLPI GZIP(Py3) 9.4.5 Remote Code Execution

!/usr/bin/env python3 Exploit Title: GLPI GZIPPy3 9.4.5 - RCE Date: 08-30-2021 Exploit Authors: Brian Peters & n3rada Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi/releases Version: 0.8.5-9.4.5 Tested on: Exploit ran on Kali 2021. GLPI Ran on Windo...

9CVSS7.1AI score0.10949EPSS
Exploits7
0day.today
0day.today
added 2023/10/09 12:0 a.m.383 views

GLPI GZIP(Py3) 9.4.5 - Remote Code Execution Exploit

!/usr/bin/env python3 Exploit Title: GLPI GZIPPy3 9.4.5 - RCE Date: 08-30-2021 Exploit Authors: Brian Peters & n3rada Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi/releases Version: 0.8.5-9.4.5 Tested on: Exploit ran on Kali 2021. GLPI Ran on Windo...

8.8CVSS8.8AI score0.10949EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2020/12/14 12:0 a.m.32 views

FreeBSD : glpi -- Remote Code Execution (RCE) via the backup functionality (832fd11b-3b11-11eb-af2a-080027dbe4b7)

MITRE Corporation reports : In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only...

9CVSS7.9AI score0.10949EPSS
Exploits7References4
UbuntuCve
UbuntuCve
added 2020/05/12 8:15 p.m.35 views

CVE-2020-11060

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account...

9CVSS7.3AI score0.10949EPSS
Exploits7References3
Cvelist
Cvelist
added 2020/05/12 7:30 p.m.58 views

CVE-2020-11060 Remote Code Execution in GLPI

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account...

7.4CVSS8.6AI score0.10949EPSS
Exploits7References3
CVE
CVE
added 2020/05/12 7:30 p.m.162 views

CVE-2020-11060

GLPI prior to 9.4.6 contains a vulnerability in the backup functionality that allows executing system commands. Exploitation is theoretically possible without a valid account via CSRF, but effectively requires an account with Maintenance privileges and the right to add WIFI networks. The issue is...

9CVSS7.9AI score0.10949EPSS
Exploits7References3Affected Software1
Circl
Circl
added 2020/05/12 2:45 p.m.31 views

CVE-2020-11060

creationtimestamp| type| source ---|---|--- 2020-05-12 14:45:16+00:00| published-proof-of-concept| https://t.me/canyoupwnme/6428 2020-05-12 14:52:48+00:00| published-proof-of-concept| https://t.me/techpwnews/635 2021-06-15 01:19:34+00:00| seen| https://t.me/pwnwikizhchannel/649 2024-10-23...

9CVSS8.1AI score0.10949EPSS
Exploits7References4
Rows per page
Query Builder