Unrated severityCISA KEVNVD Advisory· Published Sep 19, 2022· Updated Oct 21, 2025
CVE-2022-35914
CVE-2022-35914
Description
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection.
Affected products
1- GLPI/htmlawed module for GLPIdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- packetstormsecurity.com/files/169501/GLPI-10.0.2-Command-Injection.htmlmitre
- www.bioinformatics.org/phplabware/sourceer/sourceer.phpmitre
- github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/POC_2022-35914.shmitre
- glpi-project.org/fr/glpi-10-0-3-disponible/mitre
- mayfly277.github.io/posts/GLPI-htmlawed-CVE-2022-35914/mitre
News mentions
0No linked articles in our index yet.