Vulnerabilities > Glpi Project > Glpi > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-07 | CVE-2020-15176 | SQL Injection vulnerability in Glpi-Project Glpi In GLPI before version 9.5.2, when supplying a back tick in input that gets put into a SQL query,the application does not escape or sanitize allowing for SQL Injection to occur. | 5.0 |
| 2020-09-23 | CVE-2020-11031 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Glpi-Project Glpi In GLPI before version 9.5.0, the encryption algorithm used is insecure. | 5.0 |
| 2020-07-17 | CVE-2020-15108 | SQL Injection vulnerability in Glpi-Project Glpi In glpi before 9.5.1, there is a SQL injection for all usages of "Clone" feature. | 4.0 |
| 2020-05-12 | CVE-2020-5248 | Use of Hard-coded Credentials vulnerability in Glpi-Project Glpi GLPI before before version 9.4.6 has a vulnerability involving a default encryption key. | 5.0 |
| 2020-05-05 | CVE-2020-11036 | Cross-site Scripting vulnerability in Glpi-Project Glpi In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. | 5.4 |
| 2020-05-05 | CVE-2020-11034 | Open Redirect vulnerability in Glpi-Project Glpi In GLPI before version 9.4.6, there is a vulnerability that allows bypassing the open redirect protection based which is based on a regexp. | 6.1 |
| 2020-05-05 | CVE-2020-11032 | SQL Injection vulnerability in Glpi-Project Glpi 9.4.5 In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances. | 6.5 |
| 2019-11-01 | CVE-2013-2227 | Improper Input Validation vulnerability in multiple products GLPI 0.83.7 has Local File Inclusion in common.tabs.php. | 5.0 |
| 2019-09-25 | CVE-2019-14666 | Information Exposure vulnerability in Glpi-Project Glpi GLPI through 9.4.3 is prone to account takeover by abusing the ajax/autocompletion.php autocompletion feature. | 6.5 |
| 2019-07-10 | CVE-2019-13240 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Glpi-Project Glpi An issue was discovered in GLPI before 9.4.1. | 4.3 |