Lucene search
+L

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-27098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated us...

9.6CVSS5.5AI score0.3572EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/24 12:0 a.m.27 views

FreeBSD : GLPI -- multiple vulnerabilities (bb49f1fa-00da-11ef-92b7-589cfc023192)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the bb49f1fa-00da-11ef-92b7-589cfc023192 advisory. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Servic...

9.6CVSS5.9AI score0.58818EPSS
Exploits2References8
NVD
NVD
added 2024/03/18 5:15 p.m.25 views

CVE-2024-27098

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object Instantiation. This issue has been patched in version 10.0.13...

9.6CVSS6.6AI score0.3572EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/03/18 4:14 p.m.26 views

CVE-2024-27098 Blind Server-Side Request Forgery (SSRF) using Arbitrary Object Instantiation in GLPI

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object Instantiation. This issue has been patched in version 10.0.13...

6.4CVSS6.9AI score0.3572EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2024/03/13 12:0 a.m.42 views

GLPI -- multiple vulnerabilities

GLPI team reports: GLPI 10.0.13 Changelog SECURITY - high SQL Injection in through the search engine CVE-2024-27096 SECURITY - moderate Blind SSRF using Arbitrary Object Instantiation CVE-2024-27098 SECURITY - moderate Stored XSS in dashboards CVE-2024-27104 SECURITY - moderate Reflected XSS in...

9.6CVSS7.6AI score0.58818EPSS
Exploits2References1
Rows per page
Query Builder