Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

UbuntuCve
UbuntuCveadded 2024/03/18 5:15 p.m.21 views

CVE-2024-27098

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object Instantiation. This issue has been patched in version 10.0.13...

9.6CVSS5.8AI score0.14347EPSS
Exploits0References4
CVE
CVEadded 2024/03/18 4:16 p.m.74 views

CVE-2024-27104

GLPI contains a stored XSS flaw in the dashboards feature: a user able to create/share dashboards can inject JavaScript, which executes when others open the dashboard. The issue is documented across multiple sources and is mitigated by patching to GLPI version 10.0.13. RISKS and exploit specifics...

4.8CVSS4.8AI score0.00373EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2024/03/18 4:14 p.m.17 views

CVE-2024-27098 Blind Server-Side Request Forgery (SSRF) using Arbitrary Object Instantiation in GLPI

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object Instantiation. This issue has been patched in version 10.0.13...

6.4CVSS6.8AI score0.14347EPSS
Exploits0References3
Rows per page
Query Builder