CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

60 matches found

Redos•added 2026/04/17 12:0 a.m.•3 views

ROS-20260417-73-0009

Vulnerability in glpi-plugin-mreporting related to failure to take measures to protect sql query structure. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

6.5CVSS6.2AI score0.00242EPSS

Exploits0

RedhatCVE•added 2026/02/13 7:18 p.m.•5 views

CVE-2026-22821

mreporting is the more reporting GLPI plugin. Prior to 1.9.4, there is a possible SQL injection on date change. This vulnerability is fixed in 1.9.4...

6.5CVSS5.8AI score0.00242EPSS

Exploits0References1

NVD•added 2026/02/12 7:15 p.m.•11 views

CVE-2026-22821

mreporting is the more reporting GLPI plugin. Prior to 1.9.4, there is a possible SQL injection on date change. This vulnerability is fixed in 1.9.4...

6.5CVSS0.00242EPSS

Exploits0References2

Vulnrichment•added 2026/02/12 6:43 p.m.•4 views

CVE-2026-22821 mreporting affected by a SQLI on date change

mreporting is the more reporting GLPI plugin. Prior to 1.9.4, there is a possible SQL injection on date change. This vulnerability is fixed in 1.9.4...

4.9CVSS5.8AI score0.00242EPSS

Exploits0References2

Cvelist•added 2026/02/12 6:43 p.m.•27 views

CVE-2026-22821 mreporting affected by a SQLI on date change

mreporting is the more reporting GLPI plugin. Prior to 1.9.4, there is a possible SQL injection on date change. This vulnerability is fixed in 1.9.4...

4.9CVSS0.00242EPSS

Exploits0References2

CVE•added 2026/02/12 6:43 p.m.•12 views

CVE-2026-22821

CVE-2026-22821 affects the GLPI mreporting plugin (prior to 1.9.4). The vulnerability is an SQL injection triggered by a date change in mreporting, with potential impact to confidentiality (HIGH) and no impact to integrity/availability per the provided metrics. Upgrading to version 1.9.4 fixes th...

6.5CVSS5.8AI score0.00242EPSS

Exploits0References2Affected Software1

OSV•added 2026/02/12 6:43 p.m.•5 views

CVE-2026-22821 mreporting affected by a SQLI on date change

mreporting is the more reporting GLPI plugin. Prior to 1.9.4, there is a possible SQL injection on date change. This vulnerability is fixed in 1.9.4...

4.9CVSS5.9AI score0.00242EPSS

Exploits0References4

Positive Technologies•added 2026/02/12 12:0 a.m.•7 views

PT-2026-7885

mreporting is the more reporting GLPI plugin. Prior to 1.9.4, there is a possible SQL injection on date change. This vulnerability is fixed in 1.9.4...

4.9CVSS5.8AI score0.00242EPSS

Exploits0References3

Vulnrichment•added 2025/12/19 4:35 p.m.•5 views

CVE-2025-65035 GLPI Database Inventory Plugin Vulnerable to Stored Object Injection

pluginsGLPI's Database Inventory Plugin "manages" the Teclib' inventory agents in order to perform an inventory of the databases present on the workstation. Prior to version 1.1.2, in certain conditions database write access must first be obtained through another vulnerability or misconfiguration...

6.4CVSS6.6AI score0.0026EPSS

Exploits0References3

Cvelist•added 2025/12/19 4:35 p.m.•26 views

CVE-2025-65035 GLPI Database Inventory Plugin Vulnerable to Stored Object Injection

6.4CVSS0.0026EPSS

Exploits0References3

NVD•added 2025/11/18 5:16 p.m.•7 views

CVE-2025-53360

pluginsGLPI's Database Inventory Plugin "manages" the Teclib' inventory agents in order to perform an inventory of the databases present on the workstation. In versions prior to 1.0.3, any authenticated user could send requests to agents. This issue has been patched in version 1.0.3...

4.3CVSS0.00256EPSS

Exploits0References4