4 matches found
CVE-2023-37278
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
UBUNTU-CVE-2023-37278
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in version 10.0.9...
CVE-2023-37278
GLPI (Asset and IT Management software) is affected by SQL injection vulnerabilities disclosed across multiple sources. The initial CVE-2023-37278 entry states an administrator can trigger SQL injection via dashboards administration, with a patch available in version 10.0.9. Connected documents d...
PT-2023-8862 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.9 Description: The issue is related to SQL injection via dashboards administration, allowing a remote attacker to execute arbitrary SQL queries. This can be triggered by an administrator. Recommendations: For...