4 matches found
CVE-2022-29250
GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions prior to version 10.0.1 it is possible to add extra information by SQL injection on search pages. In order to exploit this vulnerability a user...
CVE-2022-29250 SQL injection in GLPI
GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions prior to version 10.0.1 it is possible to add extra information by SQL injection on search pages. In order to exploit this vulnerability a user...
CVE-2022-29250
GLPI vulnerability CVE-2022-29250 affects versions before 10.0.1. A SQL injection flaw on search pages allows a logged-in user to potentially modify information. Root cause: unsafely concatenated/retrieved search queries enabling injection. Impact: integrity is HIGH, confidentiality/availability ...
CVE-2022-29250 SQL injection in GLPI
GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions prior to version 10.0.1 it is possible to add extra information by SQL injection on search pages. In order to exploit this vulnerability a user...