CVE-2013-5696

GLPI < 0.84.2 - Cross-Site Request Forgery and SQL Injection via Install Script


Exploitation Summary

EIP tracks 3 public exploits for CVE-2013-5696. PoCs were published by High-Tech Bridge SA and Metasploit, including the Metasploit module exploits/multi/http/glpi_install_rce.

AI-analyzed exploit summary: The exploit demonstrates two vulnerabilities in GLPI 0.84.1: improper access control allowing database host manipulation and arbitrary PHP code injection via insufficient input validation in the installation script. Both exploits use HTTP POST requests to modify configuration files.

Description

inc/central.class.php in GLPI before 0.84.2 does not attempt to make install/install.php unavailable after an installation is completed, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and (1) perform a SQL injection via an Etape_4 action or (2) execute arbitrary PHP code via an update_1 action.

Exploits (3)

exploitdb · WORKING POC · VERIFIED
by High-Tech Bridge SA · text · webapps · php
https://www.exploit-db.com/exploits/28685

The exploit demonstrates two vulnerabilities in GLPI 0.84.1: improper access control allowing database host manipulation and arbitrary PHP code injection via insufficient input validation in the installation script. Both exploits use HTTP POST requests to modify configuration files.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: GLPI 0.84.1 and prior
No auth needed
Prerequisites: Access to the installation script at /install/install.php
devstral-2 · analyzed Feb 16, 2026

exploitdb · WORKING POC · VERIFIED
by Metasploit · ruby · remote · php
https://www.exploit-db.com/exploits/28483

This Metasploit module exploits a command injection vulnerability in GLPI's install.php script by injecting PHP code into the database configuration, which is then executed via a crafted GET request.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: GLPI 0.84 or older
No auth needed
Prerequisites: Target must have GLPI 0.84 or older installed · install.php must be accessible
devstral-2 · analyzed Feb 16, 2026

metasploit · WORKING POC · MANUAL
ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/glpi_install_rce.rb

This Metasploit module exploits a command injection vulnerability in GLPI's install.php script by injecting malicious PHP code into the database configuration, which is then executed via a crafted GET request.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: GLPI 0.84 or older
No auth needed
Prerequisites: Target running vulnerable GLPI version · Access to the install.php script
devstral-2 · analyzed Feb 16, 2026

Scores

EPSS 0.0785
EPSS Percentile 93.9%

Details

CWE: CWE-352
Status: published
Products (31)
glpi-project/glpi 0.5 (3 CPE variants)
glpi-project/glpi 0.6 (4 CPE variants)
glpi-project/glpi 0.20
glpi-project/glpi 0.21
glpi-project/glpi 0.30
glpi-project/glpi 0.31
glpi-project/glpi 0.40
glpi-project/glpi 0.41
glpi-project/glpi 0.42
glpi-project/glpi 0.51
... and 21 more
Published Sep 23, 2013
Tracked Since Feb 18, 2026