14 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-22044
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. From version 0.85 to before 10.0.23, an authenticated user can perform a SQL injection. This issue has...
CVE-2022-35914
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection...
EUVD-2020-3420
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-28639
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 0.85 and prior to versions 9.5.13 and 10.0.7, a malicious link can be crafted by an...
Linux Distros Unpatched Vulnerability : CVE-2025-52897
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package. In versions 9.1.0 through 10.0.18, an unauthenticated user can send a malicious link to attempt a...
GLPI 安全漏洞
GLPI is an open source IT and asset management software from GLPI Open Source. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...
PT-2024-30574 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions 0.80 through 10.0.16 Description: The issue allows an unauthenticated user to use an application endpoint to check if an email address corresponds to a valid GLPI user. Recommendations: For versions 0.80 through 10.0.16, update ...
PT-2023-6847 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.10 Description: The issue is related to the use of the ITIL actors input field from the ticket form, which can be exploited to perform a SQL injection. This allows a remote attacker to potentially capture an...
PT-2023-3798 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions 9.5.0 through 10.0.7 Description: The issue is related to inadequate access control in the GLPI system, which can be exploited by a remote attacker to modify or view dashboard data. This is due to an incorrect rights check on a...
PT-2023-3268 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions 9.5.0 through 9.5.12 GLPI versions 10.0.0 through 10.0.6 Description: The issue is related to insufficient cleaning of user data in the administration panel, allowing a user to inject and execute arbitrary HTML and script code i...
PT-2023-9269 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions 9.4.0 through 10.0.5 Description: The issue is related to Cross-site Scripting XSS due to improper neutralization of input data during web page generation. An attacker can exploit this by persuading a victim to open a URL...
PT-2021-22465 · Glpi +1 · Glpi +1
Name of the Vulnerable Software and Affected Versions: GLPI versions 9.1 through 9.5.6 Description: GLPI is a free Asset and IT management software package. Starting in version 9.1 and prior to version 9.5.6, GLPI with API Rest enabled is vulnerable to API bypass with custom header injection. Thi...
PT-2021-14410 · Glpi +1 · Glpi +1
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 9.5.4 Description: The issue concerns a vulnerability within the document upload function, specifically the "Web Link" form field, which is not properly sanitized. This allows a malicious user with document upload right...
Unspecified Vulnerability in Teclib GLPI
Teclib GLPI is an open source IT asset management suite from the French company Teclib. The suite includes features such as device status management, asset inventory storage, management processes and work log management. A security vulnerability exists in Teclib GLPI 9.4.3 and earlier versions,...