Unrated severityNVD Advisory· Published May 14, 2014· Updated Jun 16, 2026
CVE-2013-2226
CVE-2013-2226
Description
Multiple SQL injection vulnerabilities in GLPI before 0.83.9 allow remote attackers to execute arbitrary SQL commands via the (1) users_id_assign parameter to ajax/ticketassigninformation.php, (2) filename parameter to front/document.form.php, or (3) table parameter to ajax/comments.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*range: <=0.83.8
- cpe:2.3:a:glpi-project:glpi:0.83:*:*:*:*:*:*:*
- cpe:2.3:a:glpi-project:glpi:0.83.1:*:*:*:*:*:*:*
- cpe:2.3:a:glpi-project:glpi:0.83.2:*:*:*:*:*:*:*
- cpe:2.3:a:glpi-project:glpi:0.83.3:*:*:*:*:*:*:*
- cpe:2.3:a:glpi-project:glpi:0.83.31:*:*:*:*:*:*:*
- cpe:2.3:a:glpi-project:glpi:0.83.4:*:*:*:*:*:*:*
- cpe:2.3:a:glpi-project:glpi:0.83.5:*:*:*:*:*:*:*
- cpe:2.3:a:glpi-project:glpi:0.83.6:*:*:*:*:*:*:*
- cpe:2.3:a:glpi-project:glpi:0.83.7:*:*:*:*:*:*:*
- (no CPE)range: <0.83.9
Patches
Vulnerability mechanics
References
3- www.glpi-project.org/spip.phpnvdPatchVendor Advisory
- www.securityfocus.com/bid/60693nvdExploit
- www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5146.phpnvdExploit
News mentions
0No linked articles in our index yet.