Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 05/07/2023 Updated: 10/07/2023

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.8, Computer Virtual Machine form and GLPI inventory request can be used to perform a SQL injection attack. Version 10.0.8 has a patch for this issue. As a workaround, one may disable native inventory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
glpi-project glpi

CWE-89 https://github.com/glpi-project/glpi/security/advisories/GHSA-vf5h-jh9q-2gjm https://github.com/glpi-project/glpi/releases/tag/10.0.8 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-36808

Vulnerability Summary

References

Vulmon Search

About

Products

Connect