Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:11 a.m.11 views

CVE-2022-35946

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In affected versions request input is not properly validated in the plugin controller and can be used ...

6.5CVSS6.6AI score0.00698EPSS
Exploits0References1
ALT Linux
ALT Linux
added 2022/09/23 12:0 a.m.36 views

Security fix for the ALT Linux 9 package glpi version 9.5.9-alt1

9.5.9-alt1 built Sept. 23, 2022 Pavel Zilke in task 307140 Sept. 14, 2022 Pavel Zilke - New version 9.5.9 - This release fixes several critical security issues that has been recently discovered. Update is strongly recommended! - Security fixes: + CVE-2022-35945 : XSS through registration API +...

8.6AI score0.99628EPSS
Exploits13
ALT Linux
ALT Linux
added 2022/09/16 12:0 a.m.117 views

Security fix for the ALT Linux 10 package glpi version 9.5.9-alt1

9.5.9-alt1 built Sept. 16, 2022 Pavel Zilke in task 306811 Sept. 14, 2022 Pavel Zilke - New version 9.5.9 - This release fixes several critical security issues that has been recently discovered. Update is strongly recommended! - Security fixes: + CVE-2022-35945 : XSS through registration API +...

8.6AI score0.99628EPSS
Exploits13
OSV
OSV
added 2022/09/14 5:55 p.m.29 views

CVE-2022-35946 SQL injection through plugin controller in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In affected versions request input is not properly validated in the plugin controller and can be used ...

5.5CVSS7.3AI score0.00698EPSS
Exploits0References4
CVE
CVE
added 2022/09/14 5:55 p.m.282 views

CVE-2022-35946

GLPI vulnerability CVE-2022-35946 is a misvalidation in the plugin controller that can expose the low-level Plugin class API. An attacker with General setup rights can alter database data via this input handling flaw. The recommended fix is upgrading GLPI to version 10.0.3; as a workaround, remov...

6.5CVSS6.1AI score0.00698EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder