GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to execute this malicious script. Upgrade to 10.0.16.
References
Configurations
No configuration.
History
11 Jul 2024, 13:05
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
10 Jul 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-10 20:15
Updated : 2024-07-11 13:05
NVD link : CVE-2024-37149
Mitre link : CVE-2024-37149
CVE.ORG link : CVE-2024-37149
JSON object : View
Products Affected
No product.
CWE
CWE-73
External Control of File Name or Path