| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-41324 | Account takeover through API in GLPI | glpi-project | glpi | High | 8.1 | 2023-09-26 22:37:36 | Deep Dive |
| CVE-2023-41323 | Users login enumeration by unauthenticated user in GLPI | glpi-project | glpi | Medium | 5.3 | 2023-09-26 22:35:37 | Deep Dive |
| CVE-2023-41322 | Privilege Escalation from technician to super-admin in GLPI | glpi-project | glpi | Medium | 4.9 | 2023-09-26 22:34:06 | Deep Dive |
| CVE-2023-41321 | Sensitive fields enumeration through API in GLPI | glpi-project | glpi | Medium | 4.9 | 2023-09-26 21:16:32 | Deep Dive |
| CVE-2023-41320 | Account takeover via SQL Injection in UI layout preferences in GLPI | glpi-project | glpi | High | 8.1 | 2023-09-26 21:15:39 | Deep Dive |
| CVE-2023-37278 | GLPI vulnerable to SQL injection via dashboard administration | glpi-project | glpi | Medium | 6.8 | 2023-07-13 22:37:30 | Deep Dive |
| CVE-2023-36808 | GLPI vulnerable to SQL injection through Computer Virtual Machine information | glpi-project | glpi | High | 8.6 | 2023-07-05 20:52:49 | Deep Dive |
| CVE-2023-35940 | GLPI vulnerable to unauthenticated access to Dashboard data | glpi-project | glpi | High | 7.5 | 2023-07-05 20:46:04 | Deep Dive |
| CVE-2023-35939 | GLPI vulnerable to unauthorized access to Dashboard data | glpi-project | glpi | High | 8.1 | 2023-07-05 20:42:52 | Deep Dive |
| CVE-2023-35924 | GLPI vulnerable to SQL injection via inventory agent request | glpi-project | glpi | High | 8.6 | 2023-07-05 19:35:33 | Deep Dive |
| CVE-2023-34244 | GLPI vulnerable to reflected XSS in search pages | glpi-project | glpi | Medium | 6.5 | 2023-07-05 19:22:08 | Deep Dive |
| CVE-2023-34107 | GLPI vulnerable to unauthorized access to KnowbaseItem data | glpi-project | glpi | Medium | 6.5 | 2023-07-05 19:15:31 | Deep Dive |
| CVE-2023-34106 | GLPI vulnerable to unauthorized access to User data | glpi-project | glpi | Medium | 6.5 | 2023-07-05 17:48:33 | Deep Dive |
| CVE-2023-34254 | Remote inventory task command injection when using ssh command mode | glpi-project | glpi-agent | High | 7.6 | 2023-06-23 20:19:04 | Deep Dive |
| CVE-2023-28852 | GLPI vulnerable to stored Cross-site Scripting through dashboard administration | glpi-project | glpi | Medium | 4.8 | 2023-04-05 17:45:31 | Deep Dive |
| CVE-2023-28849 | GLPI vulnerable to SQL injection and Stored XSS via inventory agent request | glpi-project | glpi | Critical | 10.0 | 2023-04-05 17:41:21 | Deep Dive |
| CVE-2023-28838 | GLPI vulnerable to SQL injection through dynamic reports | glpi-project | glpi | Critical | 9.6 | 2023-04-05 17:39:05 | Deep Dive |
| CVE-2023-28636 | GLPI vulnerable to stored Cross-site Scripting in external links | glpi-project | glpi | Medium | 4.5 | 2023-04-05 17:21:22 | Deep Dive |
| CVE-2023-28634 | GLPI vulnerable to Privilege Escalation from Technician to Super-Admin | glpi-project | glpi | High | 8.8 | 2023-04-05 16:06:11 | Deep Dive |
| CVE-2023-28633 | GLPI vulnerable to Blind Server-Side Request Forgery (SSRF) in RSS feeds | glpi-project | glpi | Low | 3.5 | 2023-04-05 15:27:59 | Deep Dive |