Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Glpi-Project — Vulnerabilities & Security Advisories 160

Browse all 160 CVE security advisories affecting Glpi-Project. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Glpi-Project:GLPIglpi-inventory-pluginglpi-agent
CVE IDTitleCVSSSeverityPublished
CVE-2023-34106 GLPI vulnerable to unauthorized access to User data — glpiCWE-284 6.5 Medium2023-07-05
CVE-2023-34254 Remote inventory task command injection when using ssh command mode — glpi-agentCWE-78 7.7 High2023-06-23
CVE-2023-28852 GLPI vulnerable to stored Cross-site Scripting through dashboard administration — glpiCWE-79 4.8 Medium2023-04-05
CVE-2023-28849 GLPI vulnerable to SQL injection and Stored XSS via inventory agent request — glpiCWE-89 10.0 Critical2023-04-05
CVE-2023-28838 GLPI vulnerable to SQL injection through dynamic reports — glpiCWE-89 9.6 Critical2023-04-05
CVE-2023-28636 GLPI vulnerable to stored Cross-site Scripting in external links — glpiCWE-79 4.5 Medium2023-04-05
CVE-2023-28634 GLPI vulnerable to Privilege Escalation from Technician to Super-Admin — glpiCWE-285 8.8 High2023-04-05
CVE-2023-28633 GLPI vulnerable to Blind Server-Side Request Forgery (SSRF) in RSS feeds — glpiCWE-918 3.5 Low2023-04-05
CVE-2023-28632 GLPI vulnerable to account takeover by authenticated user — glpiCWE-269 8.1 High2023-04-05
CVE-2022-41941 glpi contains XSS Stored inside Standard Interface Help Link href attribute — glpiCWE-79 6.2 Medium2023-01-25
CVE-2023-22500 glpi Unauthorized access to inventory files — glpiCWE-863 7.5 High2023-01-25
CVE-2023-22722 glpi subject to Cross-site Scripting (XSS) - Reflected — glpiCWE-79 6.8 Medium2023-01-25
CVE-2023-22724 glpi contains XSS in RSS Description Link — glpiCWE-79 6.2 Medium2023-01-25
CVE-2023-22725 glpi vulnerable to XSS on external links — glpiCWE-79 6.2 Medium2023-01-25
CVE-2023-23610 glpi vulnerable to Unauthorized access to data export — glpiCWE-269 6.5 Medium2023-01-25
CVE-2022-39234 user session persists even after permanently deleting account in GLPI — glpiCWE-613 4.7 Medium2022-11-03
CVE-2022-39262 Stored Cross-Site Scripting (XSS) on login page in GLPI — glpiCWE-83 5.2 Medium2022-11-03
CVE-2022-39276 Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning — glpiCWE-918 3.5 Low2022-11-03
CVE-2022-39277 Cross-Site Scripting (XSS) in external links in GLPI — glpiCWE-79 4.5 Medium2022-11-03
CVE-2022-39323 SQL Injection on REST API in GLPI — glpiCWE-89 7.4 High2022-11-03
CVE-2022-39370 Improper access to debug panel in GLPI — glpiCWE-284 4.3 Medium2022-11-03
CVE-2022-39371 Stored Cross-Site Scripting (XSS) through asset inventory in GLPI — glpiCWE-80 7.5 High2022-11-03
CVE-2022-39372 Stored Cross-Site Scripting (XSS) in user information in GLPI — glpiCWE-79 3.5 Low2022-11-03
CVE-2022-39373 Stored Cross-Site Scripting (XSS) in entity name in GLPI — glpiCWE-79 4.9 Medium2022-11-03
CVE-2022-39375 Cross-Site Scripting (XSS) through public RSS feed in GLPI — glpiCWE-79 4.5 Medium2022-11-03
CVE-2022-39376 Improper input validation on emails links in GLPI — glpiCWE-20 2.6 Low2022-11-03
CVE-2022-31187 Stored Cross Site Scripting (XSS) through global search in GLPI — glpiCWE-79 6.8 Medium2022-09-14
CVE-2022-35946 SQL injection through plugin controller in GLPI — glpiCWE-89 5.5 Medium2022-09-14
CVE-2022-35947 SQL injection in GLPI — glpiCWE-89 10.0 Critical2022-09-14
CVE-2022-36112 Blind Server-Side Request Forgery (SSRF) in GLPI — glpiCWE-918 3.5 Low2022-09-14

This page lists every published CVE security advisory associated with Glpi-Project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.