5 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-27098
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated us...
FreeBSD : GLPI -- multiple vulnerabilities (bb49f1fa-00da-11ef-92b7-589cfc023192)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the bb49f1fa-00da-11ef-92b7-589cfc023192 advisory. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Servic...
CVE-2024-27098
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object Instantiation. This issue has been patched in version 10.0.13...
CVE-2024-27098 Blind Server-Side Request Forgery (SSRF) using Arbitrary Object Instantiation in GLPI
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object Instantiation. This issue has been patched in version 10.0.13...
GLPI -- multiple vulnerabilities
GLPI team reports: GLPI 10.0.13 Changelog SECURITY - high SQL Injection in through the search engine CVE-2024-27096 SECURITY - moderate Blind SSRF using Arbitrary Object Instantiation CVE-2024-27098 SECURITY - moderate Stored XSS in dashboards CVE-2024-27104 SECURITY - moderate Reflected XSS in...