2 matches found
Exploit for Use of Hard-coded Credentials in Glpi-Project Glpi
CVE-2020-5248 POC 환경 구성 및 테스트 입니다. 테스트 방법 - 환경 구성 v...
CVE-2020-5248
GLPI before version 9.4.6 is vulnerable due to a default, public encryption key (GLPIKEY) used to encrypt data. This allows decryption of sensitive data stored with that key. The issue arises because changing the key after installation requires re-encrypting existing data, and some columns/rows (...