Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2023/12/13 6:26 p.m.17 views

CVE-2023-46727 GLPI SQL injection through inventory agent request

GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.11, GLPI inventory endpoint can be used to drive a SQL injection attack. Version 10.0.11 contains a patch for the issue. As a workaround, disable native inventory...

8.6CVSS7.7AI score0.67107EPSS
Exploits0References3
OSV
OSV
added 2023/12/13 6:26 p.m.33 views

CVE-2023-46727 GLPI SQL injection through inventory agent request

GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.11, GLPI inventory endpoint can be used to drive a SQL injection attack. Version 10.0.11 contains a patch for the issue. As a workaround, disable native inventory...

8.6CVSS9.6AI score0.67107EPSS
Exploits0References5
NVD
NVD
added 2023/07/05 9:15 p.m.25 views

CVE-2023-36808

GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.8, Computer Virtual Machine form and GLPI inventory request can be used to perform a SQL injection attack. Version 10.0.8 has a patch for this issue. As a workaround, one may disable native...

9.8CVSS9.4AI score0.4464EPSS
Exploits1References2
OSV
OSV
added 2023/07/05 9:15 p.m.3 views

UBUNTU-CVE-2023-36808

GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.8, Computer Virtual Machine form and GLPI inventory request can be used to perform a SQL injection attack. Version 10.0.8 has a patch for this issue. As a workaround, one may disable native...

9.8CVSS5.9AI score0.4464EPSS
Exploits1References3
Rows per page
Query Builder