VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Sep 23, 2013· Updated Apr 29, 2026

CVE-2013-5696

CVE-2013-5696

Description

inc/central.class.php in GLPI before 0.84.2 does not attempt to make install/install.php unavailable after an installation is completed, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and (1) perform a SQL injection via an Etape_4 action or (2) execute arbitrary PHP code via an update_1 action.

Affected products

79
  • Glpi Project/Glpi79 versions
    cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*+ 78 more
    • cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*range: <=0.84.1
    • cpe:2.3:a:glpi-project:glpi:0.20:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.21:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.30:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.31:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.40:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.41:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.42:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.51:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.51a:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.5:rc1:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.5:rc2:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.65:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.65:rc1:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.65:rc2:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.68:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.68.1:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.68.2:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.68.3:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.68:rc1:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.68:rc2:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.68:rc3:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.6:rc1:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.6:rc2:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.6:rc3:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.70:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.70.1:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.70.2:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.70:rc1:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.70:rc2:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.70:rc3:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.71:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.71.1:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.71.1:rc1:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.71.1:rc2:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.71.1:rc3:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.71.2:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.71.3:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.71.4:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.71.5:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.71.6:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.72:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.72.1:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.72.2:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.72.3:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.72.4:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.72:rc1:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.72:rc2:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.72:rc3:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.78:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.78.1:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.78.2:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.78.3:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.78.4:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.78.5:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.80:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.80.1:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.80.2:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.80.3:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.80.4:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.80.5:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.80.6:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.80.61:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.80.7:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.83:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.83.1:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.83.2:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.83.3:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.83.31:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.83.4:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.83.5:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.83.6:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.83.7:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.83.8:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.83.9:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.83.91:*:*:*:*:*:*:*
    • cpe:2.3:a:glpi-project:glpi:0.84:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.