8 matches found
CVE-2022-35914
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection...
The vulnerability of the htmlawed module in the GLPI system for job requests, incidents, and computer equipment inventory allows a hacker to inject arbitrary PHP code.
The vulnerability of the htmlawed module in the GLPI system for job requests, incidents, and computer equipment inventory management is related to incorrect code generation. Exploiting this vulnerability allows a malicious actor to inject arbitrary PHP code remotely...
ROS-20250303-02
Vulnerability in the htmlawed module of the GLPI computer hardware request, incident and inventory system is related to incorrect input validation in /vendor/htmlawed/htmlawed/htmlawed/htmLawedTest.php. Exploitation of the of the vulnerability could allow an attacker acting remotely to inject...
CVE-2022-35914
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection...
GLPI 注入漏洞
GLPI is an open source IT and asset management software for individual developers. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner cartridg...
CVE-2022-35914
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2022-35914
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection...
PT-2022-23020
Name of the Vulnerable Software and Affected Versions GLPI versions prior to 10.0.3 Description The htmlawed module in GLPI contains an issue related to improper input validation and code generation management. This allows a remote attacker to perform PHP code injection via the endpoint...