VYPR

Glpi

by Glpi Project

Source repositories

CVEs (201)

  • CVE-2020-11036May 5, 2020
    risk 0.00cvss epss 0.01

    In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the Knowledge base. Adding a comment with content "" reproduces the attack. This can be exploited by a…

  • CVE-2020-11035May 5, 2020
    risk 0.00cvss epss 0.01

    In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version 9.4.6.

  • CVE-2020-11033May 5, 2020
    risk 0.00cvss epss 0.01

    In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User. The response contains: - All api_tokens which can be used to do privileges escalations or read/update/delete…

  • CVE-2020-11032May 5, 2020
    risk 0.00cvss epss 0.01

    In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances. Exploiting this vulnerability requires a technician account. This is fixed in version 9.4.6.

  • CVE-2019-14666Sep 25, 2019
    risk 0.00cvss epss 0.02

    GLPI through 9.4.3 is prone to account takeover by abusing the ajax/autocompletion.php autocompletion feature. The lack of correct validation leads to recovery of the token generated via the password reset functionality, and thus an authenticated attacker can set an arbitrary…

  • CVE-2019-1010307Jul 15, 2019
    risk 0.00cvss epss 0.01

    GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting (XSS). The impact is: All dropdown values are vulnerable to XSS leading to privilege escalation and executing js on admin. The component is: /glpi/ajax/getDropDownValue.php. The attack vector is: 1- User Create a…

  • CVE-2019-1010310Jul 12, 2019
    risk 0.00cvss epss 0.01

    GLPI GLPI Product 9.3.1 is affected by: Frame and Form tags Injection allowing admins to phish users by putting code in reminder description. The impact is: Admins can phish any user or group of users for credentials / credit cards. The component is: Tools > Reminder >…

  • CVE-2019-13240Jul 10, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in GLPI before 9.4.1. After a successful password reset by a user, it is possible to change that user's password again during the next 24 hours without any information except the associated email address.

  • CVE-2019-13239Jul 4, 2019
    risk 0.00cvss epss 0.01

    inc/user.class.php in GLPI before 9.4.3 allows XSS via a user picture.

  • CVE-2019-10233Mar 27, 2019
    risk 0.00cvss epss 0.01

    Teclib GLPI before 9.4.1.1 is affected by a timing attack associated with a cookie.

  • CVE-2019-10231Mar 27, 2019
    risk 0.00cvss epss 0.02

    Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerability allowing bypass of authentication. This occurs in Auth::checkPassword() (inc/auth.class.php).

  • CVE-2018-7563MedMar 12, 2018
    risk 0.00cvss 6.1epss 0.01

    An issue was discovered in GLPI through 9.2.1. The application is affected by XSS in the query string to front/preference.php. An attacker is able to create a malicious URL that, if opened by an authenticated user with debug privilege, will execute JavaScript code supplied by…

  • CVE-2018-7562HigMar 12, 2018
    risk 0.00cvss 7.5epss 0.02

    A remote code execution issue was discovered in GLPI through 9.2.1. There is a race condition that allows temporary access to an uploaded executable file that will be disallowed. The application allows an authenticated user to upload a file when he/she creates a new ticket via…

  • CVE-2015-7685Oct 5, 2015
    risk 0.00cvss epss 0.02

    GLPI before 0.85.3 allows remote authenticated users to create super-admin accounts by leveraging permissions to create a user and the _profiles_id parameter to front/user.form.php.

  • CVE-2015-7684Oct 5, 2015
    risk 0.00cvss epss 0.04

    Unrestricted file upload in GLPI before 0.85.3 allows remote authenticated users to execute arbitrary code by adding a file with an executable extension as an attachment to a new ticket, then accessing it via a direct request to the file in files/_tmp/.

  • CVE-2014-8360Apr 14, 2015
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote attackers to include and execute arbitrary local files via a .._ (dot dot underscore) in an item type to the getItemForItemtype, as demonstrated by the itemtype parameter in…

  • CVE-2014-5032Apr 14, 2015
    risk 0.00cvss epss 0.02

    GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar.

  • CVE-2012-4003Oct 9, 2012
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in GLPI-PROJECT GLPI before 0.83.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.

  • CVE-2012-4002Oct 9, 2012
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in GLPI-PROJECT GLPI before 0.83.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2012-1037Jul 12, 2012
    risk 0.00cvss epss 0.01

    PHP remote file inclusion vulnerability in front/popup.php in GLPI 0.78 through 0.80.61 allows remote authenticated users to execute arbitrary PHP code via a URL in the sub_type parameter.

Page 10 of 11