Vulnerabilities > Glpi Project > Glpi > 9.5.0

DATE CVE VULNERABILITY TITLE RISK
2020-10-07 CVE-2020-15175 Unspecified vulnerability in Glpi-Project Glpi
In GLPI before version 9.5.2, the `?pluginimage.send.php?` endpoint allows a user to specify an image from a plugin.
network
low complexity
glpi-project
critical
 9.1
9.1
2020-07-17 CVE-2020-15108 SQL Injection vulnerability in Glpi-Project Glpi
In glpi before 9.5.1, there is a SQL injection for all usages of "Clone" feature.
network
low complexity
glpi-project CWE-89
7.1
7.1