EIP-2026-107433

PRE-CVE

GLPI 0.71.3 - Multiple SQL Injections Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107433. PoCs published by Zigma.

AI-analyzed exploit summary This is a writeup detailing multiple remote SQL injection vulnerabilities in GLPI v0.71.3. The analysis explains how the application's security measures fail to prevent SQL injection due to lack of input validation, allowing attackers to manipulate the ID parameter in various endpoints.

Description

GLPI 0.71.3 - Multiple SQL Injections Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by Zigma · textwebappsphp

https://www.exploit-db.com/exploits/7911

View Code ZIP pw:eip

This is a writeup detailing multiple remote SQL injection vulnerabilities in GLPI v0.71.3. The analysis explains how the application's security measures fail to prevent SQL injection due to lack of input validation, allowing attackers to manipulate the ID parameter in various endpoints.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: GLPI v0.71.3

No auth needed

Prerequisites: Access to the target GLPI application

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026