Thetsmr

2 exploits Active since Dec 2024
CVE-2024-56801 WRITEUP CRITICAL WRITEUP
Tasklists < 2.0.4 - Blind SQL Injection
Tasklists provides plugin tasklists for GLPI. Versions prior to 2.0.4 have a blind SQL injection vulnerability. Version 2.0.4 contains a patch for the vulnerability.
CVSS 9.8
CVE-2024-53850 WRITEUP HIGH WRITEUP
Addressing GLPI plugin 3.0.0-3.0.3 - Unauthenticated Information Disclosure via Insecure Data Existence Check
The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Starting with 3.0.0 and before 3.0.3, a poor security check allows an unauthenticated attacker to determine whether data exists (by name) in GLPI.
CVSS 8.2