Vulnerabilities > Glpi Project

DATE CVE VULNERABILITY TITLE RISK
2021-09-15 CVE-2021-39213 Injection vulnerability in Glpi-Project Glpi
GLPI is a free Asset and IT management software package.
6.0
2021-09-15 CVE-2021-39211 Exposure of Resource to Wrong Sphere vulnerability in Glpi-Project Glpi
GLPI is a free Asset and IT management software package.
network
low complexity
glpi-project CWE-668
5.0
2021-09-15 CVE-2021-39210 Incorrect Permission Assignment for Critical Resource vulnerability in Glpi-Project Glpi
GLPI is a free Asset and IT management software package.
3.5
2021-09-15 CVE-2021-39209 Cross-Site Request Forgery (CSRF) vulnerability in Glpi-Project Glpi
GLPI is a free Asset and IT management software package.
6.8
2021-05-26 CVE-2021-3486 Cross-site Scripting vulnerability in Glpi-Project Glpi 9.5.4
GLPi 9.5.4 does not sanitize the metadata.
4.3
2021-04-06 CVE-2021-30144 Incorrect Authorization vulnerability in Glpi-Project Dashboard
The Dashboard plugin through 1.0.2 for GLPI allows remote low-privileged users to bypass access control on viewing information about the last ten events, the connected users, and the users in the tech category.
network
low complexity
glpi-project CWE-863
4.0
2021-03-08 CVE-2021-21324 Authorization Bypass Through User-Controlled Key vulnerability in Glpi-Project Glpi
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing.
network
low complexity
glpi-project CWE-639
4.0
2021-03-08 CVE-2021-21325 Cross-site Scripting vulnerability in Glpi-Project Glpi
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing.
3.5
2021-03-08 CVE-2021-21326 Missing Authorization vulnerability in Glpi-Project Glpi
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing.
network
low complexity
glpi-project CWE-862
4.0
2021-03-08 CVE-2021-21327 Missing Authorization vulnerability in Glpi-Project Glpi
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing.
network
low complexity
glpi-project CWE-862
5.0