Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-32476

Malicious code in bioql PyPI...

4.8CVSS5AI score0.0077EPSS
Exploits0References3
Redos
Redosadded 2024/03/28 12:0 a.m.21 views

ROS-20240328-01

GLPI's asset management and data center management software vulnerability is related to the SQL code injection through administration of dashboards. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries...

9.1CVSS8.5AI score0.00306EPSS
Exploits0
FreeBSD
FreeBSDadded 2023/07/13 12:0 a.m.21 views

GLPI vulnerable to SQL injection via dashboard administration

[email protected] reports: GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in...

9.1CVSS8.3AI score0.00306EPSS
Exploits0References1
Prion
Prionadded 2023/04/05 6:15 p.m.22 views

Design/Logic Flaw

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 9.5.13 and 10.0.7, a user with dashboard administration rights may hack the dashboard form to store malicious code that will be executed when other users will use the related dashboard. Versio...

4.3CVSS6AI score0.0077EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCveadded 2023/04/05 6:15 p.m.55 views

CVE-2023-28852

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 9.5.13 and 10.0.7, a user with dashboard administration rights may hack the dashboard form to store malicious code that will be executed when other users will use the related dashboard. Versio...

4.8CVSS5.9AI score0.0077EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2023/04/05 5:45 p.m.9 views

CVE-2023-28852 GLPI vulnerable to stored Cross-site Scripting through dashboard administration

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 9.5.13 and 10.0.7, a user with dashboard administration rights may hack the dashboard form to store malicious code that will be executed when other users will use the related dashboard. Versio...

4.8CVSS5.5AI score0.0077EPSS
Exploits0References3
Cvelist
Cvelistadded 2023/04/05 5:45 p.m.15 views

CVE-2023-28852 GLPI vulnerable to stored Cross-site Scripting through dashboard administration

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 9.5.13 and 10.0.7, a user with dashboard administration rights may hack the dashboard form to store malicious code that will be executed when other users will use the related dashboard. Versio...

4.8CVSS5.8AI score0.0077EPSS
Exploits0References3
Rows per page
Query Builder