VYPR

Glpi Inventory Plugin

by Glpi Project

Source repositories

CVEs (7)

  • CVE-2025-27147HigMar 25, 2025
    risk 0.46cvss 8.2epss 0.00

    The GLPI Inventory Plugin handles various types of tasks for GLPI agents, including network discovery and inventory (SNMP), software deployment, VMWare ESX host remote inventory, and data collection (files, Windows registry, WMI). Versions prior to 1.5.0 have an improper access…

  • CVE-2025-32786HigNov 4, 2025
    risk 0.42cvss 7.5epss 0.06

    The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1.

  • CVE-2025-26626MedMar 14, 2025
    risk 0.35cvss 6.5epss 0.00

    The GLPI Inventory Plugin handles various types of tasks for GLPI agents for the GLPI asset and IT management software package. Versions prior to 1.5.0 are vulnerable to reflective cross-site scripting, which may lead to executing javascript code. Version 1.5.0 fixes the issue.

  • CVE-2022-31062Jun 20, 2022
    risk 0.04cvss epss 0.06

    ### Impact A plugin public script can be used to read content of system files. ### Patches Upgrade to version 1.0.2. ### Workarounds `b/deploy/index.php` file can be deleted if deploy feature is not used.

  • CVE-2026-26001Mar 17, 2026
    risk 0.00cvss epss 0.00

    The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, non sanitized user input can lend to an SQL injection from reports, with adequate rights. This vulnerability is fixed in 1.6.6.

  • CVE-2026-25590Mar 3, 2026
    risk 0.00cvss epss 0.00

    The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, there is a reflected XSS vulnerability in task jobs. This vulnerability is fixed in 1.6.6.

  • CVE-2022-31082Jun 27, 2022
    risk 0.00cvss epss 0.01

    GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. glpi-inventory-plugin is a plugin for GLPI to handle inventory management. In affected versions a SQL injection can be made using package…