5 matches found
GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure Vulnerability
Exploit Title: GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure Version: =10.0.0 and 10.0.2 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...
GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure
Exploit Title: GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure Date: 11 Jun 2022 Version: =10.0.0 and 10.0.2 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...
CVE-2022-31068 Sensitive Data Exposure on Refused Inventory Files in GLPI
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all GLPI instances with the native inventory used may leak sensitive information. The feature to get refused file is not authenticated...
CVE-2022-31068 Sensitive Data Exposure on Refused Inventory Files in GLPI
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all GLPI instances with the native inventory used may leak sensitive information. The feature to get refused file is not authenticated...
CVE-2022-31068
CVE-2022-31068 affects GLPI installations that use the native inventory, where all such instances may leak sensitive information due to an unauthenticated access path. The issue is addressed in GLPI version 10.0.2; all affected users are advised to upgrade to 10.0.2 or newer. The provided documen...