Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

glpi — Vulnerabilities & Security Advisories 155

All 155 CVE vulnerabilities found in glpi, with AI-generated Chinese analysis, references, and POCs.

Vendor: INDEPNET Development Team

CVE IDTitleCVSSSeverityPaused
CVE-2022-24876 Stored cross site scrpting in GLPI's Kanban CWE-79 5.4 Medium2022-06-09
CVE-2022-24869 Cross Site Scripting in GLPI CWE-79 4.6 Medium2022-04-21
CVE-2022-24868 Cross site scripting via SVG file upload in GLPI CWE-79 7.3 High2022-04-21
CVE-2022-24867 LDAP password exposure in glpi CWE-200 7.5 High2022-04-21
CVE-2021-39213 IP restriction on GLPI API Bypass with custom header injection CWE-74 6.8 Medium2021-09-15
CVE-2021-39211 Disclosure of GLPI and server information in telemetry endpoint CWE-200 5.3 Medium2021-09-15
CVE-2021-39210 Autologin cookie accessible by scripts CWE-1004 6.5 Medium2021-09-15
CVE-2021-39209 Bypassable CSRF protection CWE-352 8.8 High2021-09-15
CVE-2021-3486 GLPI 跨站脚本漏洞 CWE-79 6.1 -2021-05-26
CVE-2021-21324 Insecure Direct Object Reference (IDOR) on "Solutions" CWE-639 6.8 Medium2021-03-08
CVE-2021-21325 Stored XSS in budget type CWE-79 6.2 Medium2021-03-08
CVE-2021-21326 Horizontal Privilege Escalation CWE-862 7.7 High2021-03-08
CVE-2021-21327 Unsafe Reflection in getItemForItemtype() CWE-862 6.8 Medium2021-03-08
CVE-2021-21314 XSS injection on ticket update CWE-79 5.4 Medium2021-03-03
CVE-2021-21312 Stored XSS on documents CWE-79 5.4 Medium2021-03-03
CVE-2021-21313 XSS on tabs CWE-74 4.9 Medium2021-03-03
CVE-2021-21258 XSS injection in ajax/kanban CWE-79 6.8 Medium2021-03-02
CVE-2021-21255 entities switch IDOR CWE-862 5.8 Medium2021-03-02
CVE-2020-26212 Any GLPI CalDAV calendars is read-only for every authenticated user CWE-862 7.7 High2020-11-25
CVE-2020-15226 SQL Injection in GLPI Search API CWE-89 5.0 Medium2020-10-07
CVE-2020-15217 User data exposure in GLPI CWE-79 5.3 Medium2020-10-07
CVE-2020-15177 Unauthenticated Stored XSS in GLPI CWE-79 8.0 High2020-10-07
CVE-2020-15176 SQL injection in GLPI CWE-89 8.7 High2020-10-07
CVE-2020-15175 Unauthenticated File Deletion in GLPI CWE-552 7.4 High2020-10-07
CVE-2020-11031 Insecure encryption algorithm in GLPI CWE-327 7.8 High2020-09-23
CVE-2020-15108 SQL Injection in glpi CWE-89 7.1 High2020-07-17
CVE-2020-11060 Remote Code Execution in GLPI CWE-74 7.4 High2020-05-12
CVE-2020-11062 Reflexive XSS in GLPI CWE-79 6.0 Medium2020-05-12
CVE-2020-5248 Public GLPIKEY can be used to decrypt any data in GLPI CWE-798 7.2 High2020-05-12
CVE-2020-11036 XSS in GLPI CWE-79 7.6 High2020-05-05

All 155 known CVE vulnerabilities affecting glpi with full Chinese analysis, references, and POCs where available.