3 matches found
CVE-2026-22248
GLPI 11.0.0 through 11.0.4 is affected by a Remote Code Execution vulnerability mediated by an unsafe PHP instantiation when an authenticated technician uploads a malicious file. The issue allows code execution on the server due to how the uploaded file is processed. The vulnerability is fixed in...
CVE-2026-22247
GLPI is a free asset and IT management software package. From version 11.0.0 to before 11.0.5, a GLPI administrator can perform SSRF request through the Webhook feature. This issue has been patched in version 11.0.5...
CVE-2026-22247
GLPI is a free asset and IT management software package. From version 11.0.0 to before 11.0.5, a GLPI administrator can perform SSRF request through the Webhook feature. This issue has been patched in version 11.0.5...