Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

glpi-project — Vulnerabilities & Security Advisories 160

Browse all 160 CVE security advisories affecting glpi-project. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by glpi-project:GLPIglpi-inventory-pluginglpi-agent
CVE IDTitleCVSSSeverityPublished
CVE-2022-35945 Cross site scripting (XSS) via registration API in GLPI — glpiCWE-79 6.3 Medium2022-09-14
CVE-2022-31143 Leak of sensitive information through login page error in GLPI — glpiCWE-200 5.3 Medium2022-09-14
CVE-2022-31061 SQL injection on login page in GLPI — glpiCWE-89 9.8 Critical2022-06-28
CVE-2022-31068 Sensitive Data Exposure on Refused Inventory Files in GLPI — glpiCWE-200 5.3 Medium2022-06-28
CVE-2022-31056 SQL injection with _actor parameter in GLPI — glpiCWE-89 9.8 Critical2022-06-28
CVE-2022-31082 SQL Injection via package deployment tasks in glpi-inventory-plugin — glpi-inventory-pluginCWE-89 5.8 Medium2022-06-27
CVE-2022-31062 Unauthenticated Local File Inclusion — glpi-inventory-pluginCWE-22 5.3 Medium2022-06-20
CVE-2022-29250 SQL injection in GLPI — glpiCWE-89 8.1 High2022-06-09
CVE-2022-24876 Stored cross site scrpting in GLPI's Kanban — glpiCWE-79 5.4 Medium2022-06-09
CVE-2022-24869 Cross Site Scripting in GLPI — glpiCWE-79 4.6 Medium2022-04-21
CVE-2022-24868 Cross site scripting via SVG file upload in GLPI — glpiCWE-79 7.3 High2022-04-21
CVE-2022-24867 LDAP password exposure in glpi — glpiCWE-200 7.5 High2022-04-21
CVE-2021-39213 IP restriction on GLPI API Bypass with custom header injection — glpiCWE-74 6.8 Medium2021-09-15
CVE-2021-39211 Disclosure of GLPI and server information in telemetry endpoint — glpiCWE-200 5.3 Medium2021-09-15
CVE-2021-39210 Autologin cookie accessible by scripts — glpiCWE-1004 6.5 Medium2021-09-15
CVE-2021-39209 Bypassable CSRF protection — glpiCWE-352 8.8 High2021-09-15
CVE-2021-21324 Insecure Direct Object Reference (IDOR) on "Solutions" — glpiCWE-639 6.8 Medium2021-03-08
CVE-2021-21325 Stored XSS in budget type — glpiCWE-79 6.2 Medium2021-03-08
CVE-2021-21326 Horizontal Privilege Escalation — glpiCWE-862 7.7 High2021-03-08
CVE-2021-21327 Unsafe Reflection in getItemForItemtype() — glpiCWE-862 6.8 Medium2021-03-08
CVE-2021-21314 XSS injection on ticket update — glpiCWE-79 5.4 Medium2021-03-03
CVE-2021-21312 Stored XSS on documents — glpiCWE-79 5.4 Medium2021-03-03
CVE-2021-21313 XSS on tabs — glpiCWE-74 4.9 Medium2021-03-03
CVE-2021-21258 XSS injection in ajax/kanban — glpiCWE-79 6.8 Medium2021-03-02
CVE-2021-21255 entities switch IDOR — glpiCWE-862 5.8 Medium2021-03-02
CVE-2020-26212 Any GLPI CalDAV calendars is read-only for every authenticated user — glpiCWE-862 7.7 High2020-11-25
CVE-2020-15226 SQL Injection in GLPI Search API — glpiCWE-89 5.0 Medium2020-10-07
CVE-2020-15217 User data exposure in GLPI — glpiCWE-79 5.3 Medium2020-10-07
CVE-2020-15177 Unauthenticated Stored XSS in GLPI — glpiCWE-79 8.0 High2020-10-07
CVE-2020-15176 SQL injection in GLPI — glpiCWE-89 8.7 High2020-10-07

This page lists every published CVE security advisory associated with glpi-project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.