Unrated severityNVD Advisory· Published Oct 7, 2020· Updated Aug 4, 2024

Unauthenticated File Deletion in GLPI

CVE-2020-15175

Description

In GLPI before version 9.5.2, the pluginimage.send.php endpoint allows a user to specify an image from a plugin. The parameters can be maliciously crafted to instead delete the .htaccess file for the files directory. Any user becomes able to read all the files and folders contained in “/files/”. Some of the sensitive information that is compromised are the user sessions, logs, and more. An attacker would be able to get the Administrators session token and use that to authenticate. The issue is patched in version 9.5.2.

Affected products

Glpi Project/Glpiv5
Range: < 9.5.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/glpi-project/glpi/commit/6ca9a0e77299a755c356d758344a23278df67f65mitrex_refsource_MISC
github.com/glpi-project/glpi/security/advisories/GHSA-rm52-jx9h-rwcpmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.030
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000