Lucene search
K

4 matches found

UbuntuCve
UbuntuCve
added 2023/09/27 3:19 p.m.13 views

CVE-2023-41320

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. UI layout preferences management can be hijacked to lead to SQL injection. This injection can be use to...

9.8CVSS7.2AI score0.31871EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/09/26 9:15 p.m.14 views

CVE-2023-41320 Account takeover via SQL Injection in UI layout preferences in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. UI layout preferences management can be hijacked to lead to SQL injection. This injection can be use to...

8.1CVSS7.9AI score0.31871EPSS
Exploits0References1
CVE
CVE
added 2023/09/26 9:15 p.m.65 views

CVE-2023-41320

GLPI (Gestionnaire Libre de Parc Informatique) contains a SQL injection flaw in the search feature that affects versions prior to 10.0.13. An authenticated user can exploit the weakness to extract data or alter information, potentially taking control of an admin account. Remediation per connected...

9.8CVSS9.4AI score0.31871EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/26 9:15 p.m.23 views

CVE-2023-41320 Account takeover via SQL Injection in UI layout preferences in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. UI layout preferences management can be hijacked to lead to SQL injection. This injection can be use to...

8.1CVSS10AI score0.31871EPSS
Exploits0References1
Rows per page
Query Builder