glpi-project

218 tracked vulnerabilities.

CVE-2017-11474 CRITICAL
GLPI < 9.1.5.0 - SQL Injection via $crit Variable in Computer Software Version Class
Jul 20, 2017
CVSS 9.8
EPSS 0.01
CVE-2017-11329 CRITICAL
GLPI < 9.1.4 - SQL Injection via Entity Restrict Parameter
Jul 17, 2017
CVSS 9.8
EPSS 0.01
CVE-2016-7509 MEDIUM
GLPI 0.90.4 - Authenticated Stored Cross-Site Scripting via Ticket HTML Attachment
Jul 19, 2017
CVSS 5.4
EPSS 0.01
CVE-2016-7507 HIGH
GLPI 0.90.4 - Authenticated Cross-Site Request Forgery
Jul 19, 2017
CVSS 8.0
EPSS 0.00
CVE-2016-7508 HIGH
GLPI 0.90.4 - Authenticated SQL Injection via Big5 Encoding Character
Jun 21, 2017
CVSS 7.5
EPSS 0.02
CVE-2015-7685
GLPI <0.85.3 - Privilege Escalation
Oct 05, 2015
EPSS 0.02
CVE-2015-7684
GLPI < 0.85.3 - Authenticated Remote Code Execution via Executable File Upload
Oct 05, 2015
EPSS 0.04
CVE-2014-8360
GLPI < 0.84.8 - Remote Code Execution via Dot Dot Underscore Path Traversal in Autoload Function
Apr 14, 2015
EPSS 0.03
CVE-2014-5032
GLPI < 0.84.6 - Unauthenticated Sensitive Information Exposure via Search Bar Cost Criteria
Apr 14, 2015
EPSS 0.02
CVE-2014-9258
GLPI < 0.85 - Authenticated SQL Injection via Dropdown Condition Parameter
Dec 19, 2014
EPSS 0.03
CVE-2013-2227 HIGH
GLPI 0.83.7 - Local File Inclusion via common.tabs.php
Nov 01, 2019
CVSS 7.5
EPSS 0.13
CVE-2013-2225
GLPI < 0.83.9 - Unauthenticated PHP Object Unserialization via _predefined_fields Parameter
May 27, 2014
EPSS 0.08
CVE-2013-2226
GLPI < 0.83.9 - SQL Injection via users_id_assign, filename, or table Parameter
May 14, 2014
EPSS 0.03
CVE-2013-5696
GLPI < 0.84.2 - Cross-Site Request Forgery and SQL Injection via Install Script
Sep 23, 2013
EPSS 0.08
CVE-2012-4003
GLPI < 0.83.3 - Cross-Site Scripting
Oct 09, 2012
EPSS 0.02
CVE-2012-4002
GLPI < 0.83.3 - Cross-Site Request Forgery
Oct 09, 2012
EPSS 0.01
CVE-2012-1037
GLPI 0.78-0.80.61 - Authenticated Remote Code Execution via sub_type Parameter
Jul 12, 2012
EPSS 0.01
CVE-2011-2720
GLPI < 0.80.2 - Exposure of Sensitive Information via Autocompletion
Aug 05, 2011
EPSS 0.03