1 results (0.001 seconds)
CVSS: 7.8EPSS: 5%CPEs: 1EXPL: 2
CVSS: 7.8EPSS: 5%CPEs: 1EXPL: 2CVE-2022-34127 – GLPI 4.0.2 - Unauthenticated Local File Inclusion on Manageentities plugin
https://notcve.org/view.php?id=CVE-2022-34127
03 Apr 2023 — The Managentities plugin before 4.0.2 for GLPI allows reading local files via directory traversal in the inc/cri.class.php file parameter. GLPI Manageentities versions prior to 4.0.2 suffer from a local file inclusion vulnerability. • https://packetstorm.news/files/id/171653 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •