Filtered by vendor Glpi-project
Subscribe
Total
149 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-1010310 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 3.5 LOW | 3.5 LOW |
GLPI GLPI Product 9.3.1 is affected by: Frame and Form tags Injection allowing admins to phish users by putting code in reminder description. The impact is: Admins can phish any user or group of users for credentials / credit cards. The component is: Tools > Reminder > Description .. Set the description to any iframe/form tags and apply. The attack vector is: The attacker puts a login form, the user fills it and clicks on submit .. the request is sent to the attacker domain saving the data. The fixed version is: 9.4.1. | |||||
CVE-2019-13240 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
An issue was discovered in GLPI before 9.4.1. After a successful password reset by a user, it is possible to change that user's password again during the next 24 hours without any information except the associated email address. | |||||
CVE-2019-13239 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
inc/user.class.php in GLPI before 9.4.3 allows XSS via a user picture. | |||||
CVE-2019-10233 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
Teclib GLPI before 9.4.1.1 is affected by a timing attack associated with a cookie. | |||||
CVE-2019-10477 | 2 Fusioninventory, Glpi-project | 2 Fusioninventory, Glpi | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The FusionInventory plugin before 1.4 for GLPI 9.3.x and before 1.1 for GLPI 9.4.x mishandles sendXML actions. | |||||
CVE-2019-1010307 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting (XSS). The impact is: All dropdown values are vulnerable to XSS leading to privilege escalation and executing js on admin. The component is: /glpi/ajax/getDropDownValue.php. The attack vector is: 1- User Create a ticket , 2- Admin opens another ticket and click on the "Link Tickets" feature, 3- a request to the endpoint fetches js and executes it. | |||||
CVE-2018-7563 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue was discovered in GLPI through 9.2.1. The application is affected by XSS in the query string to front/preference.php. An attacker is able to create a malicious URL that, if opened by an authenticated user with debug privilege, will execute JavaScript code supplied by the attacker. The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes. | |||||
CVE-2018-7562 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 6.0 MEDIUM | 7.5 HIGH |
A remote code execution issue was discovered in GLPI through 9.2.1. There is a race condition that allows temporary access to an uploaded executable file that will be disallowed. The application allows an authenticated user to upload a file when he/she creates a new ticket via front/fileupload.php. This feature is protected using different types of security features like the check on the file's extension. However, the application uploads and creates a file, though this file is not allowed, and then deletes the file in the uploadFiles method in inc/glpiuploaderhandler.class.php. | |||||
CVE-2018-13049 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
The constructSQL function in inc/search.class.php in GLPI 9.2.x through 9.3.0 allows SQL Injection, as demonstrated by triggering a crafted LIMIT clause to front/computer.php. | |||||
CVE-2016-7507 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 6.0 MEDIUM | 8.0 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in GLPI 0.90.4 allows remote authenticated attackers to submit a request that could lead to the creation of an admin account in the application. | |||||
CVE-2017-11183 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 5.5 MEDIUM | 4.9 MEDIUM |
front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter. | |||||
CVE-2017-11475 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
GLPI before 9.1.5.1 has SQL Injection in the condition rule field, exploitable via front/rulesengine.test.php. | |||||
CVE-2016-7509 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
Cross-site scripting (XSS) vulnerability in GLPI 0.90.4 allows remote authenticated attackers to inject arbitrary web script or HTML by attaching a crafted HTML file to a ticket. | |||||
CVE-2017-11474 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
GLPI before 9.1.5.1 has SQL Injection in the $crit variable in inc/computer_softwareversion.class.php, exploitable via ajax/common.tabs.php. | |||||
CVE-2017-11184 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection exists in front/devicesoundcard.php in GLPI before 9.1.5 via the start parameter. | |||||
CVE-2017-11329 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entity_restrict parameter that is not a list of integers. | |||||
CVE-2016-7508 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 6.0 MEDIUM | 7.5 HIGH |
Multiple SQL injection vulnerabilities in GLPI 0.90.4 allow an authenticated remote attacker to execute arbitrary SQL commands by using a certain character when the database is configured to use Big5 Asian encoding. | |||||
CVE-2015-7685 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 4.0 MEDIUM | N/A |
GLPI before 0.85.3 allows remote authenticated users to create super-admin accounts by leveraging permissions to create a user and the _profiles_id parameter to front/user.form.php. | |||||
CVE-2015-7684 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 9.0 HIGH | N/A |
Unrestricted file upload in GLPI before 0.85.3 allows remote authenticated users to execute arbitrary code by adding a file with an executable extension as an attachment to a new ticket, then accessing it via a direct request to the file in files/_tmp/. | |||||
CVE-2014-9258 | 1 Glpi-project | 1 Glpi | 2024-02-28 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter. |