Lucene search
K

18 matches found

Packet Storm
Packet Storm
added 2026/02/20 12:0 a.m.112 views

📄 GLPI Accessible Documents Insecure Direct Object Reference

This Metasploit auxiliary module scans a GLPI installation for improperly exposed documents linked to KnowbaseItem objects via the document.send.php endpoint. The module performs an automated enumeration of docid values within a defined range and attempts to access documents without authenticatio...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2023-34107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Versions of the software starting with 9.2.0 and prior to 10.0.8 have an incorrect rights check on a on...

6.5CVSS6.4AI score0.0057EPSS
Exploits0References2
OSV
OSV
added 2023/07/05 8:15 p.m.2 views

UBUNTU-CVE-2023-34107

GLPI is a free asset and IT management software package. Versions of the software starting with 9.2.0 and prior to 10.0.8 have an incorrect rights check on a on a file accessible by an authenticated user, allows access to the view all KnowbaseItems. Version 10.0.8 has a patch for this issue...

6.5CVSS6.6AI score0.0057EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/05 12:0 a.m.6 views

PT-2023-24678 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions 9.2.0 through 10.0.7 Description: The issue is related to an incorrect rights check on a file accessible by an authenticated user, allowing access to view all KnowbaseItems. Recommendations: For versions 9.2.0 through 10.0.7,...

10CVSS6.8AI score0.99628EPSS
Exploits27References157
Huntr
Huntr
added 2022/12/12 12:13 p.m.11 views

Authenticated Reflected XSS on ajax/common.tabs.php

Description There is a reflected XSS vulnerability on ajax/common.tabs.php due to the KnowBase tab not escaping the start parameter properly probably because it's not reflected inside quotes. There was some work into getting the exploit working, due to JQuery's $ not being defined and causing a...

0.3AI score
Exploits0References1
OSV
OSV
added 2021/03/08 5:15 p.m.28 views

CVE-2021-21324

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.4 there is an Insecure Direct Object Reference IDOR on "Solutions". This vulnerability gives an unauthorized user the abili...

6.5CVSS6.8AI score
Exploits0References3
OSV
OSV
added 2021/03/08 5:15 p.m.8 views

UBUNTU-CVE-2021-21324

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.4 there is an Insecure Direct Object Reference IDOR on "Solutions". This vulnerability gives an unauthorized user the abili...

6.8CVSS7.1AI score0.01416EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2021/03/08 12:0 a.m.4 views

PT-2021-14421 · Glpi +1 · Glpi +1

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 9.5.4 Description: The issue concerns an Insecure Direct Object Reference IDOR on "Solutions" in GLPI. This allows an unauthorized user to enumerate GLPI items names, including users' logins, using the knowbase search...

10CVSS6.2AI score0.99628EPSS
Exploits32References127
CNNVD
CNNVD
added 2021/03/08 12:0 a.m.7 views

GLPI 安全漏洞

GLPI is an open source IT and asset management software for individual developers. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...

6.8CVSS5.6AI score0.01416EPSS
Exploits1References4
exploitpack
exploitpack
added 2015/01/05 4:14 p.m.27 views

Bitsmith-PS-Knowbase-3.2.3

Personal Knowbase is a program for organizing free-form information using keywords. Build a personal knowledge base of all your notes, messages, and ideas. Store and index your information in one place for easy retrieval using keywords that you choose. The attachment feature even associates disk...

1.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.34 views

Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability

No description provided by source. Title: ====== Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability Date: ===== 2012-03-29 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=474 VL-ID: ===== 474 Introduction: ============= Personal Knowbase is a program for...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/04/10 12:0 a.m.17 views

Bitsmith Software Personal Knowbase knowbase.exe FileOpen Dialogue Local Overflow

The version of Bitsmith Personal Knowledge base installed on the remote Windows host is prior to 3.2.4. It is, therefore, affected by a local buffer overflow vulnerability that can be triggered by specifying an oversized string for a specific registry value. This vulnerability may allow for...

6.2AI score
Exploits0References2
exploitpack
exploitpack
added 2012/03/30 12:0 a.m.30 views

Bitsmith PS Knowbase 3.2.3 - Local Buffer Overflow

Bitsmith PS Knowbase 3.2.3 - Local Buffer Overflow Title: ====== Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability Date: ===== 2012-03-29 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=474 VL-ID: ===== 474 Introduction: ============= Personal Knowbase is a...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/03/30 12:0 a.m.46 views

Bitsmith PS Knowbase 3.2.3 Buffer Overflow

Title: ====== Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability Date: ===== 2012-03-29 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=474 VL-ID: ===== 474 Introduction: ============= Personal Knowbase is a program for organizing free-form information using...

0.4AI score
Exploits0
0day.today
0day.today
added 2012/03/30 12:0 a.m.30 views

Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability

Exploit for windows platform in category local exploits Title: ====== Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability Introduction: ============= Personal Knowbase is a program for organizing free-form information using keywords. Build a personal knowledge base of all your notes,...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2012/03/30 12:0 a.m.31 views

Bitsmith PS Knowbase 3.2.3 - Local Buffer Overflow

Title: ====== Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability Date: ===== 2012-03-29 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=474 VL-ID: ===== 474 Introduction: ============= Personal Knowbase is a program for organizing free-form information using...

7.4AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/03/29 12:0 a.m.17 views

Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability

Document Title: =============== Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=474 Release Date: ============= 2012-03-29 Vulnerability Laboratory ID VL-ID: ====================================...

0.3AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/03/29 12:0 a.m.39 views

Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability

Document Title: =============== Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=474 Release Date: ============= 2012-03-29 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score
Exploits0
Rows per page
Query Builder