Glpi-project ≫ Glpi

GLPI before 9.1.5.1 has SQL Injection in the condition rule field, exploitable via front/rulesengine.test.php.

Cross-Site Request Forgery (CSRF) vulnerability in GLPI 0.90.4 allows remote authenticated attackers to submit a request that could lead to the creation of an admin account in the application.

Cross-site scripting (XSS) vulnerability in GLPI 0.90.4 allows remote authenticated attackers to inject arbitrary web script or HTML by attaching a crafted HTML file to a ticket.

GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entity_restrict parameter that is not a list of integers.

Multiple SQL injection vulnerabilities in GLPI 0.90.4 allow an authenticated remote attacker to execute arbitrary SQL commands by using a certain character when the database is configured to use Big5 Asian encoding.

GLPI before 0.85.3 allows remote authenticated users to create super-admin accounts by leveraging permissions to create a user and the _profiles_id parameter to front/user.form.php.

Unrestricted file upload in GLPI before 0.85.3 allows remote authenticated users to execute arbitrary code by adding a file with an executable extension as an attachment to a new ticket, then accessing it via a direct request to the file in files/_tm...

Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote attackers to include and execute arbitrary local files via a .._ (dot dot underscore) in an item type to the getItemForItemtype, as demonstrated by the...

GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar.

SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.