4 matches found
CVE-2023-41320
GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. UI layout preferences management can be hijacked to lead to SQL injection. This injection can be use to...
CVE-2023-41320 Account takeover via SQL Injection in UI layout preferences in GLPI
GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. UI layout preferences management can be hijacked to lead to SQL injection. This injection can be use to...
CVE-2023-41320 Account takeover via SQL Injection in UI layout preferences in GLPI
GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. UI layout preferences management can be hijacked to lead to SQL injection. This injection can be use to...
CVE-2023-41320
GLPI (Gestionnaire Libre de Parc Informatique) contains a SQL injection flaw in the search feature that affects versions prior to 10.0.13. An authenticated user can exploit the weakness to extract data or alter information, potentially taking control of an admin account. Remediation per connected...