Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:39 a.m.16 views

CVE-2022-35914

/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection...

9.8CVSS7.2AI score0.99628EPSS
Exploits13References1
GithubExploit
GithubExploit
added 2024/08/25 7:32 p.m.525 views

Exploit for Injection in Glpi-Project Glpi

CVE-2022-35914poc Modified for GLPI Offsec Lab: calluserfun...

9.8CVSS9.8AI score0.99628EPSS
Exploits13
Exploit DB
Exploit DB
added 2024/05/19 12:0 a.m.839 views

htmlLawed 1.2.5 - Remote Code Execution (RCE)

Exploit Title: htmlLawed 1.2.5 - Remote Code Execution RCE Date: 2024-04-24 Exploit Author: Miguel Redondo aka d4t4s3c Vendor Homepage: https://www.bioinformatics.org/phplabware/internalutilities/htmLawed Software Link: https://github.com/kesar/HTMLawed Version: -c \n" exit else banner echo -e "\...

9.8CVSS9.5AI score0.99628EPSS
Exploits13
0day.today
0day.today
added 2024/05/19 12:0 a.m.371 views

htmlLawed 1.2.5 - Remote Code Execution Exploit

Exploit Title: htmlLawed 1.2.5 - Remote Code Execution RCE Exploit Author: Miguel Redondo aka d4t4s3c Vendor Homepage: https://www.bioinformatics.org/phplabware/internalutilities/htmLawed Software Link: https://github.com/kesar/HTMLawed Version: -c \n" exit else banner echo -e "\n+ Command output...

9.8CVSS7AI score0.99628EPSS
Exploits13
GithubExploit
GithubExploit
added 2024/04/24 6:39 a.m.289 views

Exploit for Injection in Glpi-Project Glpi

It is an offensive tool for GLPI. This repository contains a pro...

9.8CVSS10AI score0.99628EPSS
Exploits13
The Hacker News
The Hacker News
added 2023/03/08 6:30 a.m.135 views

CISA's KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added three security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The list of vulnerabilities is below - CVE-2022-35914 CVSS score: 9.8 - Teclib GLPI Remote Code Execution...

9.8CVSS0.4AI score0.99628EPSS
Exploits40
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.301 views

HTMLawed < 1.2.9 Command Injection (CVE-2022-35914)

Binary data htmlawedcmdinjection.nbin...

9.8CVSS9.6AI score0.99628EPSS
Exploits13References2
Check Point Advisories
Check Point Advisories
added 2022/11/06 12:0 a.m.53 views

GLPI Project Code Injection (CVE-2022-35914)

A code injection vulnerability exists in GLPI Project. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.5AI score0.99628EPSS
Exploits13
0day.today
0day.today
added 2022/10/25 12:0 a.m.592 views

GLPI 10.0.2 Command Injection Exploit

This Metasploit module exploits an unauthenticated PHP command injection vulnerability in GLPI versions 10.0.2 and below to execute a command. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GL...

9.8CVSS0.5AI score0.99628EPSS
Exploits13
Packet Storm
Packet Storm
added 2022/10/25 12:0 a.m.710 views

GLPI 10.0.2 Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GLPI htmLawed php command injection', 'Description' = %q This exploit takes advantage of a unauthenticated php command injection available from...

9.8CVSS9.6AI score0.99628EPSS
Exploits13
Metasploit
Metasploit
added 2022/10/24 7:50 p.m.1049 views

GLPI htmLawed php command injection

This exploit takes advantage of a unauthenticated php command injection available from GLPI versions 10.0.2 and below to execute a command. Module Options msf use exploit/linux/http/glpihtmlawedphpinjection msf exploitglpihtmlawedphpinjection show targets ...targets... msf...

9.8CVSS9AI score0.99628EPSS
Exploits13
Circl
Circl
added 2022/10/04 11:1 a.m.12 views

CVE-2022-35914

creationtimestamp| type| source ---|---|--- 2022-10-04 11:01:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/6910 2022-10-10 16:30:23+00:00| published-proof-of-concept| https://t.me/MrVGunz/553 2022-10-11 16:30:21+00:00| published-proof-of-concept|...

9.8CVSS7.6AI score0.99628EPSS
In wildExploits13References28
GithubExploit
GithubExploit
added 2022/09/30 4:43 p.m.569 views

Exploit for Injection in Glpi-Project Glpi

This is a PoC exploit for CVE-2022-35914, a vulnerability in an...

9.8CVSS9.8AI score0.99628EPSS
Exploits13
GithubExploit
GithubExploit
added 2022/09/30 4:43 p.m.515 views

Exploit for Injection in Glpi-Project Glpi

It is an offensive tool for web exploitation. This repository co...

9.8CVSS9.9AI score0.99628EPSS
Exploits13
ALT Linux
ALT Linux
added 2022/09/23 12:0 a.m.36 views

Security fix for the ALT Linux 9 package glpi version 9.5.9-alt1

9.5.9-alt1 built Sept. 23, 2022 Pavel Zilke in task 307140 Sept. 14, 2022 Pavel Zilke - New version 9.5.9 - This release fixes several critical security issues that has been recently discovered. Update is strongly recommended! - Security fixes: + CVE-2022-35945 : XSS through registration API +...

8.6AI score0.99628EPSS
Exploits13
Cvelist
Cvelist
added 2022/09/19 12:0 a.m.43 views

CVE-2022-35914

/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection...

9.9AI score0.99628EPSS
Exploits13References7
OSV
OSV
added 2022/09/19 12:0 a.m.34 views

CVE-2022-35914

/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection...

9.8CVSS7.3AI score0.99628EPSS
Exploits13References10
Vulnrichment
Vulnrichment
added 2022/09/19 12:0 a.m.9 views

CVE-2022-35914

/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection...

9.8AI score0.99628EPSS
Exploits13References7
ATTACKERKB
ATTACKERKB
added 2022/09/19 12:0 a.m.54 views

CVE-2022-35914

/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

9.8CVSS2.2AI score0.99628EPSS
In wildExploits13References8
CVE
CVE
added 2022/09/19 12:0 a.m.1109 views

CVE-2022-35914

CVE-2022-35914 affects GLPI’s htmlawed integration via htmLawedTest.php, enabling PHP code injection. Exploit PoCs exist (PoC scripts and reports in Exploit-DB and GitHub repos) demonstrating remote code execution potential. CVSS v3.1 base score 9.8 (C/H I/H A/H) with network attack vector and no...

9.8CVSS9.6AI score0.99628EPSS
In wildExploits13References8Affected Software1
Rows per page
Query Builder