Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2024/11/15 8:16 p.m.14 views

CVE-2024-45611 GLPI has a stored XSS at src/RSSFeed.php

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can bypass the access control policy to create a private RSS feed attached to another user account and use a malicious payload t...

5.7CVSS6.6AI score0.00305EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/15 8:14 p.m.33 views

CVE-2024-45610 GLPI has a reflected XSS in ajax/cable.php

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Cable form...

6.5CVSS0.00333EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/15 6:24 p.m.27 views

CVE-2024-45608 GLPI has an Authenticated SQL Injection

GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17...

6.5CVSS0.00524EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/25 6:3 a.m.39 views

CVE-2023-22500 glpi Unauthorized access to inventory files

GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6 are vulnerable to Incorrect Authorization. This vulnerability allow unauthorized access to inventory files. Thus, if anonymous access to FAQ is allowed, inventory files are accessbile by...

7.5CVSS7.6AI score0.00844EPSS
Exploits0References1
NVD
NVD
added 2022/11/03 4:15 p.m.31 views

CVE-2022-39371

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Script related HTML tags in assets inventory information are not properly neutralized. This issue has...

7.5CVSS0.00442EPSS
Exploits0References1
Rows per page
Query Builder