VYPR

Dashboard

by Glpi Project

CVEs (2)

  • CVE-2021-30144MedApr 6, 2021
    risk 0.28cvss 4.3epss 0.01

    The Dashboard plugin through 1.0.2 for GLPI allows remote low-privileged users to bypass access control on viewing information about the last ten events, the connected users, and the users in the tech category. For example, plugins/dashboard/front/main2.php can be used.

  • CVE-2019-12530CriJun 2, 2019
    risk 0.00cvss 9.8epss 0.02

    Incorrect access control was discovered in the stdonato Dashboard plugin through 0.9.7 for GLPI, affecting df.php, issue.php, load.php, mem.php, traf.php, and uptime.php in front/sh.