3 matches found
EUVD-2017-2963
Malware in sbrugna...
GLPI 'entity_restrict' parameter SQL injection vulnerability
GLPI is an open source IT resource management suite maintained by the Indepnet Association. The suite includes features such as device status management, asset inventory storage, management processes and work log management. An SQL injection vulnerability exists in versions of GLPI prior to 9.1.5...
UBUNTU-CVE-2017-11329
GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entityrestrict parameter that is not a list of integers...