Glpi-project

Glpi

187 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-59935

  • EPSS 0.09%
  • Veröffentlicht 16.12.2025 16:34:46
  • Zuletzt bearbeitet 02.02.2026 14:59:28

GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.21, an unauthenticated user can store an XSS payload through the inventory endpoint. Users should upgrade to 10.0.21 to receive a patch.

7.5

CVE-2025-53105

  • EPSS 0.08%
  • Veröffentlicht 27.08.2025 14:40:36
  • Zuletzt bearbeitet 29.08.2025 16:24:09

GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 10.0.0 to before 10.0.19, a connected u...

5.4

CVE-2025-53357

  • EPSS 0.04%
  • Veröffentlicht 30.07.2025 14:17:58
  • Zuletzt bearbeitet 04.08.2025 18:57:31

GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.78 through 10.0.18, a connected user ...

2.7

CVE-2025-53113

  • EPSS 0.03%
  • Veröffentlicht 30.07.2025 14:16:36
  • Zuletzt bearbeitet 04.08.2025 18:57:15

GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.65 through 10.0.18, a technician can ...

5

CVE-2025-52567

  • EPSS 0.03%
  • Veröffentlicht 30.07.2025 14:15:28
  • Zuletzt bearbeitet 04.08.2025 18:54:47

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 0.84 through 10.0.18, usage of RSS feeds or external calendars when planning is subject to SSRF e...

6.1

CVE-2025-52897

  • EPSS 0.07%
  • Veröffentlicht 30.07.2025 14:15:28
  • Zuletzt bearbeitet 04.08.2025 18:55:55

GLPI is a Free Asset and IT Management Software package. In versions 9.1.0 through 10.0.18, an unauthenticated user can send a malicious link to attempt a phishing attack from the planning feature. This is fixed in version 10.0.19.

6.5

CVE-2025-53008

  • EPSS 0.04%
  • Veröffentlicht 30.07.2025 14:15:28
  • Zuletzt bearbeitet 04.08.2025 18:56:11

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 9.3.1 through 10.0.19, a connected user can use...

4.3

CVE-2025-53112

  • EPSS 0.04%
  • Veröffentlicht 30.07.2025 14:15:22
  • Zuletzt bearbeitet 04.08.2025 18:56:49

GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 9.1.0 through 10.0.18, a lack of permission checks can result in unauthorized removal of some spec...

6.5

CVE-2025-53111

  • EPSS 0.05%
  • Veröffentlicht 30.07.2025 14:14:25
  • Zuletzt bearbeitet 04.08.2025 18:56:30

GLPI is a Free Asset and IT Management Software package. In versions 0.80 through 10.0.18, a lack of permission checks can result in unauthorized access to some resources. This is fixed in version 10.0.19.

5.4

CVE-2025-27514

  • EPSS 0.03%
  • Veröffentlicht 29.07.2025 17:39:28
  • Zuletzt bearbeitet 04.08.2025 18:54:02

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 9.5.0 through 10.0.18, a technician can use a malicious payload to trigger a stored XSS on the pr...