Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GLPI — Vulnerabilities & Security Advisories 155

All 155 CVE vulnerabilities found in GLPI, with AI-generated Chinese analysis, references, and POCs.

Vendor: INDEPNET Development Team

CVE IDTitleCVSSSeverityPublished
CVE-2023-28633 GLPI vulnerable to Blind Server-Side Request Forgery (SSRF) in RSS feeds CWE-918 3.5 Low2023-04-05
CVE-2023-28632 GLPI vulnerable to account takeover by authenticated user CWE-269 8.1 High2023-04-05
CVE-2023-28639 GLPI vulnerable to reflected Cross-site Scripting in search pages CWE-79 6.1 Medium2023-04-05
CVE-2022-41941 glpi contains XSS Stored inside Standard Interface Help Link href attribute CWE-79 6.2 Medium2023-01-25
CVE-2023-22500 glpi Unauthorized access to inventory files CWE-863 7.5 High2023-01-25
CVE-2023-22722 glpi subject to Cross-site Scripting (XSS) - Reflected CWE-79 6.8 Medium2023-01-25
CVE-2023-22724 glpi contains XSS in RSS Description Link CWE-79 6.2 Medium2023-01-25
CVE-2023-22725 glpi vulnerable to XSS on external links CWE-79 6.2 Medium2023-01-25
CVE-2023-23610 glpi vulnerable to Unauthorized access to data export CWE-269 6.5 Medium2023-01-25
CVE-2022-39234 user session persists even after permanently deleting account in GLPI CWE-613 4.7 Medium2022-11-03
CVE-2022-39262 Stored Cross-Site Scripting (XSS) on login page in GLPI CWE-83 5.2 Medium2022-11-03
CVE-2022-39276 Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning CWE-918 3.5 Low2022-11-03
CVE-2022-39277 Cross-Site Scripting (XSS) in external links in GLPI CWE-79 4.5 Medium2022-11-03
CVE-2022-39323 SQL Injection on REST API in GLPI CWE-89 7.4 High2022-11-03
CVE-2022-39370 Improper access to debug panel in GLPI CWE-284 4.3 Medium2022-11-03
CVE-2022-39371 Stored Cross-Site Scripting (XSS) through asset inventory in GLPI CWE-80 7.5 High2022-11-03
CVE-2022-39372 Stored Cross-Site Scripting (XSS) in user information in GLPI CWE-79 3.5 Low2022-11-03
CVE-2022-39373 Stored Cross-Site Scripting (XSS) in entity name in GLPI CWE-79 4.9 Medium2022-11-03
CVE-2022-39375 Cross-Site Scripting (XSS) through public RSS feed in GLPI CWE-79 4.5 Medium2022-11-03
CVE-2022-39376 Improper input validation on emails links in GLPI CWE-20 2.6 Low2022-11-03
CVE-2022-31187 Stored Cross Site Scripting (XSS) through global search in GLPI CWE-79 6.8 Medium2022-09-14
CVE-2022-35946 SQL injection through plugin controller in GLPI CWE-89 5.5 Medium2022-09-14
CVE-2022-35947 SQL injection in GLPI CWE-89 10.0 Critical2022-09-14
CVE-2022-36112 Blind Server-Side Request Forgery (SSRF) in GLPI CWE-918 3.5 Low2022-09-14
CVE-2022-35945 Cross site scripting (XSS) via registration API in GLPI CWE-79 6.3 Medium2022-09-14
CVE-2022-31143 Leak of sensitive information through login page error in GLPI CWE-200 5.3 Medium2022-09-14
CVE-2022-31061 SQL injection on login page in GLPI CWE-89 9.8 Critical2022-06-28
CVE-2022-31068 Sensitive Data Exposure on Refused Inventory Files in GLPI CWE-200 5.3 Medium2022-06-28
CVE-2022-31056 SQL injection with _actor parameter in GLPI CWE-89 9.8 Critical2022-06-28
CVE-2022-29250 SQL injection in GLPI CWE-89 8.1 High2022-06-09

All 155 known CVE vulnerabilities affecting GLPI with full Chinese analysis, references, and POCs where available.