lem0naids

1 exploit Active since Jan 2026
CVE-2025-66417 NOMISEC HIGH WORKING POC
GLPI 11.0.0-11.0.2 - Unauthenticated SQL Injection via Inventory Endpoint
GLPI is a free asset and IT management software package. From 11.0.0, < 11.0.3, an unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 11.0.3.
4 stars
CVSS 7.5