The vulnerability of the GLPI system’s handling of requests and incidents, related to improper neutralization of special elements used in SQL commands, allows attackers to execute arbitrary SQL queries in the database.

The vulnerability of the GLPI application’s request and incident handling system lies in the insufficient cleaning of user data at the final inventory registration stage. Users can send specially created requests to the affected application and execute arbitrary SQL commands in the application’s...

PT-2023-33024 · Softwarex · Softwarex

Name of the Vulnerable Software and Affected Versions: SoftwareX versions 4.18.0 Description: A bug in the network handling of inventories was introduced, allowing players to request the server to drop more items than they had available. This led to a server crash and is believed to have been...