Vulnerabilities > Glpi Project > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-13 CVE-2023-46726 Injection vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project CWE-74
critical
 9.8
9.8
2023-12-13 CVE-2023-46727 SQL Injection vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project CWE-89
critical
 9.8
9.8
2023-11-02 CVE-2023-42802 Unrestricted Upload of File with Dangerous Type vulnerability in Glpi-Project Glpi 10.0.7/10.0.9
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project CWE-434
critical
 9.8
9.8
2023-09-27 CVE-2023-41320 SQL Injection vulnerability in Glpi-Project Glpi
GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing.
network
low complexity
glpi-project CWE-89
critical
 9.8
9.8
2023-09-27 CVE-2023-42461 SQL Injection vulnerability in Glpi-Project Glpi
GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing.
network
low complexity
glpi-project CWE-89
critical
 9.8
9.8
2023-09-27 CVE-2023-42462 Unrestricted Upload of File with Dangerous Type vulnerability in Glpi-Project Glpi
GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing.
network
low complexity
glpi-project CWE-434
critical
 9.1
9.1
2023-07-13 CVE-2023-37278 SQL Injection vulnerability in Glpi-Project Glpi
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing.
network
low complexity
glpi-project CWE-89
critical
 9.1
9.1
2023-07-05 CVE-2023-36808 SQL Injection vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project CWE-89
critical
 9.8
9.8
2023-07-05 CVE-2023-35924 SQL Injection vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project CWE-89
critical
 9.8
9.8
2023-04-16 CVE-2022-34128 Unrestricted Upload of File with Dangerous Type vulnerability in Glpi-Project Positions
The Cartography (aka positions) plugin before 6.0.1 for GLPI allows remote code execution via PHP code in the POST data to front/upload.php.
network
low complexity
glpi-project CWE-434
critical
 9.8
9.8