Lucene search
+L

4 matches found

UbuntuCve
UbuntuCve
added 2023/09/27 3:19 p.m.13 views

CVE-2023-42461

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The ITIL actors input field from the Ticket form can be used to perform a SQL injection. Users are advised...

9.8CVSS7.2AI score0.00899EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/09/26 10:45 p.m.55 views

CVE-2023-42461 SQL injection in ITIL actors in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The ITIL actors input field from the Ticket form can be used to perform a SQL injection. Users are advised...

6.5CVSS10AI score0.00899EPSS
Exploits0References1
CVE
CVE
added 2023/09/26 10:45 p.m.72 views

CVE-2023-42461

GLPI (Gestionnaire Libre de Parc Informatique) has an SQL injection vulnerability (CVE-2023-42461) in the ticket/search path where the ITIL actor input field in the Ticket form can be exploited. This affects GLPI versions prior to 10.0.13; an authenticated user can abuse the vulnerable query, pot...

9.8CVSS8.4AI score0.00899EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/09/26 10:45 p.m.49 views

CVE-2023-42461 SQL injection in ITIL actors in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The ITIL actors input field from the Ticket form can be used to perform a SQL injection. Users are advised...

6.5CVSS9.4AI score0.00899EPSS
Exploits0References3
Rows per page
Query Builder