Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glpi-project glpi 0.68 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-34106
GLPI is a free asset and IT management software package. Versions of the software starting with 0.68 and before 10.0.8 have an incorrect rights check on a on a file accessible by an authenticated user. This allows access to the list of all users and their personal information. Us...
Glpi-project Glpi
NA
CVE-2013-2225
inc/ticket.class.php in GLPI 0.83.9 and previous versions allows remote malicious users to unserialize arbitrary PHP objects via the _predefined_fields parameter to front/ticket.form.php.
Glpi-project Glpi 0.80.5
Glpi-project Glpi 0.41
Glpi-project Glpi 0.72.4
Glpi-project Glpi 0.72
Glpi-project Glpi 0.80.6
Glpi-project Glpi 0.72.1
Glpi-project Glpi 0.72.2
Glpi-project Glpi 0.83.8
Glpi-project Glpi 0.70
Glpi-project Glpi 0.70.1
Glpi-project Glpi 0.6
Glpi-project Glpi 0.71.5
Glpi-project Glpi 0.68.2
Glpi-project Glpi 0.5
Glpi-project Glpi 0.71.3
Glpi-project Glpi 0.80.2
Glpi-project Glpi 0.71
Glpi-project Glpi 0.71.1
Glpi-project Glpi 0.83.7
Glpi-project Glpi 0.30
Glpi-project Glpi 0.31
Glpi-project Glpi 0.83
1 EDB exploit
NA
CVE-2013-5696
inc/central.class.php in GLPI prior to 0.84.2 does not attempt to make install/install.php unavailable after an installation is completed, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks, and (1) perform a SQL injection via an Etape_4 acti...
Glpi-project Glpi 0.80.5
Glpi-project Glpi 0.41
Glpi-project Glpi 0.72.4
Glpi-project Glpi 0.72
Glpi-project Glpi 0.80.6
Glpi-project Glpi 0.72.1
Glpi-project Glpi 0.72.2
Glpi-project Glpi 0.83.8
Glpi-project Glpi 0.70
Glpi-project Glpi 0.70.1
Glpi-project Glpi 0.6
Glpi-project Glpi 0.71.5
Glpi-project Glpi 0.68.2
Glpi-project Glpi 0.5
Glpi-project Glpi 0.71.3
Glpi-project Glpi 0.84
Glpi-project Glpi 0.80.2
Glpi-project Glpi
Glpi-project Glpi 0.71
Glpi-project Glpi 0.71.1
Glpi-project Glpi 0.83.7
Glpi-project Glpi 0.83.9
2 EDB exploits
NA
CVE-2012-4002
Cross-site request forgery (CSRF) vulnerability in GLPI-PROJECT GLPI prior to 0.83.3 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Glpi-project Glpi 0.80.5
Glpi-project Glpi 0.41
Glpi-project Glpi 0.72.4
Glpi-project Glpi 0.72
Glpi-project Glpi 0.80.6
Glpi-project Glpi 0.72.1
Glpi-project Glpi 0.72.2
Glpi-project Glpi 0.70
Glpi-project Glpi 0.70.1
Glpi-project Glpi 0.6
Glpi-project Glpi 0.71.5
Glpi-project Glpi 0.68.2
Glpi-project Glpi 0.5
Glpi-project Glpi 0.71.3
Glpi-project Glpi 0.80.2
Glpi-project Glpi 0.71
Glpi-project Glpi 0.71.1
Glpi-project Glpi 0.30
Glpi-project Glpi 0.31
Glpi-project Glpi 0.83
Glpi-project Glpi 0.78.2
Glpi-project Glpi 0.68
NA
CVE-2012-4003
Multiple cross-site scripting (XSS) vulnerabilities in GLPI-PROJECT GLPI prior to 0.83.3 allow remote malicious users to inject arbitrary web script or HTML via unknown vectors.
Glpi-project Glpi 0.80.5
Glpi-project Glpi 0.41
Glpi-project Glpi 0.72.4
Glpi-project Glpi 0.72
Glpi-project Glpi 0.80.6
Glpi-project Glpi 0.72.1
Glpi-project Glpi 0.72.2
Glpi-project Glpi 0.70
Glpi-project Glpi 0.70.1
Glpi-project Glpi 0.6
Glpi-project Glpi 0.71.5
Glpi-project Glpi 0.68.2
Glpi-project Glpi 0.5
Glpi-project Glpi 0.71.3
Glpi-project Glpi 0.80.2
Glpi-project Glpi 0.71
Glpi-project Glpi 0.71.1
Glpi-project Glpi 0.30
Glpi-project Glpi 0.31
Glpi-project Glpi 0.83
Glpi-project Glpi 0.78.2
Glpi-project Glpi 0.68
NA
CVE-2011-2720
The autocompletion functionality in GLPI prior to 0.80.2 does not blacklist certain username and password fields, which allows remote malicious users to obtain sensitive information via a crafted POST request.
Glpi-project Glpi 0.72.4
Glpi-project Glpi 0.72
Glpi-project Glpi 0.72.1
Glpi-project Glpi 0.72.2
Glpi-project Glpi 0.70
Glpi-project Glpi 0.70.1
Glpi-project Glpi 0.6
Glpi-project Glpi 0.71.5
Glpi-project Glpi 0.68.2
Glpi-project Glpi 0.5
Glpi-project Glpi 0.71.3
Glpi-project Glpi 0.71
Glpi-project Glpi 0.71.1
Glpi-project Glpi 0.78.2
Glpi-project Glpi 0.68
Glpi-project Glpi
Glpi-project Glpi 0.71.2
Glpi-project Glpi 0.71.4
Glpi-project Glpi 0.51
Glpi-project Glpi 0.65
Glpi-project Glpi 0.68.3
Glpi-project Glpi 0.78.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started