Glpi@0.83.8 Security Vulnerabilities and Issues — Glpi@0.83.8 CVE List

Lucene search

Glpi-projectGlpi0.83.8

2 matches found

CVE•added 2013/09/23 3:49 a.m.•120 views

CVE-2013-5696

inc/central.class.php in GLPI before 0.84.2 does not attempt to make install/install.php unavailable after an installation is completed, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and (1) perform a SQL injection via an Etape_4 action or (2) execute arbitrary...

6.8CVSS8.1AI score0.6873EPSS

CVE•added 2014/05/27 3:0 p.m.•49 views

CVE-2013-2225

inc/ticket.class.php in GLPI 0.83.9 and earlier allows remote attackers to unserialize arbitrary PHP objects via the _predefined_fields parameter to front/ticket.form.php.

6.4CVSS7.4AI score0.15509EPSS