VYPR

GLPI inventory endpoint

by Glpi Project

CVEs (1)

  • CVE-2023-35924HigJul 5, 2023
    risk 0.60cvss 8.6epss 0.49

    GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.8, GLPI inventory endpoint can be used to drive a SQL injection attack. By default, GLPI inventory endpoint requires no authentication. Version 10.0.8 has a patch for…