CVE-2022-31056

CRITICAL

GLPI 10.0.0-10.0.2 - SQL Injection via Actor Fields


Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-31056, a PoC published by Nuri Çilengir.

AI-analyzed exploit summary: This exploit demonstrates an SQL injection vulnerability in GLPI 10.0.2, allowing an attacker to insert a malicious document type into the database. It then leverages file upload functionality to execute arbitrary PHP code, achieving remote code execution (RCE).

Description

GLPI is a free asset and IT management software package covering data center management, ITIL service desk, license tracking and software auditing. In affected versions, all assistance forms (Ticket/Change/Problem) permit SQL injection in the actor fields. This issue has been resolved in version 10.0.2 and all affected users are advised to upgrade.
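The weakness class here (CWE-89: an actor value spliced into SQL text) and the first step of the chain in the exploit summary (using the injection to register an attacker-chosen document type) can be reproduced in miniature. The block below is an added example, not the Exploit-DB PoC and not GLPI code: it uses Python with an in-memory SQLite database instead of GLPI's PHP/MySQL stack, and the table and column names (ticket_actors, document_types) are stand-ins, not GLPI's schema. The vulnerable handler runs the concatenated text through executescript(), which models a driver that accepts stacked statements; that is an assumption about mechanism, not a claim about the real PoC's payload. It also includes the single-quote probe a tester would use to tell the two handlers apart.

```python
import sqlite3

# Constructed stand-in schema (NOT GLPI's real tables).
SCHEMA = """
CREATE TABLE ticket_actors (ticket_id INTEGER, user_name TEXT);
CREATE TABLE document_types (name TEXT, ext TEXT);
"""

# Constructed payload: closes the string literal, ends the statement, stacks an
# INSERT that registers 'php' as an accepted extension, and comments out the rest.
PAYLOAD = "bob'); INSERT INTO document_types (name, ext) VALUES ('evil', 'php'); --"


def fresh_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def add_actor_vulnerable(conn, ticket_id, user_name):
    # CWE-89: the untrusted actor value is concatenated into the statement text.
    # executescript() stands in for an API that accepts stacked statements
    # (assumption about mechanism; see lead-in).
    sql = (
        "INSERT INTO ticket_actors (ticket_id, user_name) "
        f"VALUES ({int(ticket_id)}, '{user_name}');"
    )
    conn.executescript(sql)


def add_actor_fixed(conn, ticket_id, user_name):
    # Parameterized: the value is bound by the driver and never parsed as SQL.
    conn.execute(
        "INSERT INTO ticket_actors (ticket_id, user_name) VALUES (?, ?)",
        (int(ticket_id), user_name),
    )


def uploadable_extensions(conn):
    return sorted(row[0] for row in conn.execute("SELECT ext FROM document_types"))


def stored_actor_names(conn):
    return [row[0] for row in conn.execute("SELECT user_name FROM ticket_actors")]


def demo(handler):
    """Run one handler against the payload; return what ended up in the tables."""
    conn = fresh_db()
    handler(conn, 1, PAYLOAD)
    return {
        "extensions": uploadable_extensions(conn),
        "actors": stored_actor_names(conn),
    }


def breaks_on_apostrophe(handler):
    """Classic single-quote probe: a legitimate name containing an apostrophe
    raises a SQL syntax error only when it is spliced into the statement text."""
    conn = fresh_db()
    try:
        handler(conn, 2, "O'Brien")
    except sqlite3.Error:
        return True
    return False


if __name__ == "__main__":
    print("vulnerable:", demo(add_actor_vulnerable))
    print("fixed:     ", demo(add_actor_fixed))
    print("probe vulnerable:", breaks_on_apostrophe(add_actor_vulnerable))
    print("probe fixed:     ", breaks_on_apostrophe(add_actor_fixed))
```

With the vulnerable handler the actor row holds "bob" and document_types gains a "php" extension, which is the foothold the summary describes before the file upload step; with the parameterized handler the whole payload is stored verbatim as a user name and document_types stays empty. The probe shows the detection side: only the vulnerable handler errors on "O'Brien".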

Exploits (1)

exploitdb · WORKING POC
by Nuri Çilengir · text · webapps · php
https://www.exploit-db.com/exploits/51233

Classification
Working PoC: 95%
Attack Type: SQLi | RCE
Complexity: Moderate
Reliability: Reliable
Target: GLPI >=10.0.0, <10.0.3
Note: this target range and the product range below include 10.0.2, while the description states the fix shipped in 10.0.2. Confirm the exact vulnerable range against the vendor advisory before closing a finding on a 10.0.2 instance.
Auth: required
Prerequisites: Valid session cookies · Access to the file upload functionality
Analyzed by devstral-2, Feb 16, 2026

Scores

CVSS v3: 9.8
EPSS: 0.0713 (7.13%)
EPSS Percentile: 93.4%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Note: the vector scores PR:N, but the tracked PoC lists valid session cookies as a prerequisite; score exposure against your own deployment rather than taking 9.8 at face value.

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: total
Note: the Vulnrichment exploitation value of "none" does not reflect the public PoC tracked above; use "PoC" when making your own SSVC decision.

Details

CWE
CWE: CWE-89
Status: published
Products (1)
glpi-project/glpi 10.0.0 - 10.0.2
Published: Jun 28, 2022
Tracked Since: Feb 18, 2026