High severity7.7OSV Advisory· Published Aug 5, 2025· Updated Apr 15, 2026
CVE-2025-54780
CVE-2025-54780
Description
The glpi-screenshot-plugin allows users to take screenshots or screens recording directly from GLPI. In versions below 2.0.2, authenticated user can use the /ajax/screenshot.php endpoint to leak files from the system or use PHP wrappers. This is fixed in version 2.0.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2v1.0.0, v1.1.0, v2.0.0, …+ 1 more
- (no CPE)range: v1.0.0, v1.1.0, v2.0.0, …
- (no CPE)range: <2.0.2
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.