The vulnerability of the GLPI system’s request, incident, and inventory management functions, related to improper elimination of special elements used in SQL commands, allows a hacker to modify another user’s account data and gain control over it.

The vulnerability of the GLPI system for requests, incidents, and computer equipment inventory management is related to the improper elimination of certain elements used in SQL commands. Exploiting this vulnerability allows a malicious actor to remotely modify another user’s account data and gain...

The vulnerability of the GLPI system’s request, incident, and computer equipment inventory processes, related to the failure to protect the SQL query structure, allows attackers to disclose protected information.

The vulnerability of the GLPI system’s request, incident, and inventory management functions is related to the failure to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to disclose the protected information...

DEBIAN-CVE-2013-4717

Multiple SQL injection vulnerabilities in Open Ticket Request System OTRS Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to Kernel/Output/HTML/PreferencesCustomQueue.pm,...