Unrated severityNVD Advisory· Published Jul 10, 2019· Updated Aug 4, 2024
CVE-2019-12723
CVE-2019-12723
Description
An issue was discovered in the Teclib Fields plugin through 1.9.2 for GLPI. it allows SQL Injection via container_id and old_order parameters to ajax/reorder.php by an unauthenticated user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Teclib/Fields plugindescription
- Range: <=1.9.2
Patches
Vulnerability mechanics
References
3- github.com/pluginsGLPI/fields/blob/master/ajax/reorder.phpmitrex_refsource_MISC
- github.com/pluginsGLPI/fields/pull/317mitrex_refsource_MISC
- github.com/pluginsGLPI/fields/releases/tag/1.10.0mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.