Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-24354

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.00665EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/15 8:16 p.m.14 views

CVE-2024-45611 GLPI has a stored XSS at src/RSSFeed.php

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can bypass the access control policy to create a private RSS feed attached to another user account and use a malicious payload t...

5.7CVSS6.6AI score0.00305EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/15 8:14 p.m.33 views

CVE-2024-45610 GLPI has a reflected XSS in ajax/cable.php

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Cable form...

6.5CVSS0.00333EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/15 6:24 p.m.37 views

CVE-2024-45608 GLPI has an Authenticated SQL Injection

GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17...

6.5CVSS0.00524EPSS
Exploits0References1
NVD
NVD
added 2024/02/01 6:15 p.m.30 views

CVE-2024-23645

GLPI is a Free Asset and IT Management Software package. A malicious URL can be used to execute XSS on reports pages. Upgrade to 10.0.12...

6.5CVSS6.7AI score0.00886EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/01/25 6:3 a.m.39 views

CVE-2023-22500 glpi Unauthorized access to inventory files

GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6 are vulnerable to Incorrect Authorization. This vulnerability allow unauthorized access to inventory files. Thus, if anonymous access to FAQ is allowed, inventory files are accessbile by...

7.5CVSS7.6AI score0.00844EPSS
Exploits0References1
NVD
NVD
added 2022/11/03 4:15 p.m.31 views

CVE-2022-39371

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Script related HTML tags in assets inventory information are not properly neutralized. This issue has...

7.5CVSS0.00442EPSS
Exploits0References1
Rows per page
Query Builder