5 matches found
PT-2026-30608
Name of the Vulnerable Software and Affected Versions GLPI versions 11.0.0 through 11.0.5 Description GLPI is an asset and IT management software package. A template injection issue, exploitable by an administrator, can lead to Remote Code Execution RCE. Recommendations Update to version 11.0.6 o...
CVE-2026-22248
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. From 11.0.0 to before 11.0.5, an authenticated technician user can upload a malicious file and trigger its execution through an unsafe PHP...
EyouCMS 1.4.6 Cross Site Scripting
Exploit Title: EyouCMS 1.4.6 - Persistent Cross-Site Scripting Date: 2020-05-28 Exploit Author: China Banking and Insurance Information Technology Management Co.,Ltd. Vendor Homepage: https://eyoucms.com Software Link: https://qiniu.eyoucms.com/EyouCMS-V1.4.6-UTF8-SP2.zip Version: EyouCMS V1.4.6...
Micro Focus Service Manager Automation SQL Injection Vulnerability
Micro Focus Service Manager is a suite of service desk software from Micro Focus UK. The software supports the deployment of a comprehensive IT service management ITSM system and standardizes management processes. A SQL injection vulnerability exists in Micro Focus SMA. The vulnerability stems fr...
Micro Focus Service Manager Information Disclosure Vulnerability (CNVD-2020-18400)
Micro Focus Service Manager is a suite of service desk software from Micro Focus UK. The software supports the deployment of a comprehensive IT service management ITSM system and standardizes management processes. A security vulnerability exists in Micro Focus Service manager. An attacker could...