2 matches found
MGASA-2018-0330 Updated glpi packages fix security vulnerability
The constructSQL function in inc/search.class.php in GLPI 9.2.x through 9.3.0 allows SQL Injection, as demonstrated by triggering a crafted LIMIT clause to front/computer.php CVE-2018-13049...
MGASA-2015-0204 Updated glpi packages fix a security vulnerability
Updated glpi package fixes security vulnerability: Any user who has the rights to create a new user can create a super-admin user...