CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-10477
https://notcve.org/view.php?id=CVE-2019-10477
The FusionInventory plugin before 1.4 for GLPI 9.3.x and before 1.1 for GLPI 9.4.x mishandles sendXML actions. El plugin "FusionInventory", en versiones anteriores a la 1.4 para GLPI 9.3.x y en las anteriores a la 1.1 para GLPI 9.4.x, gestiona de manera incorrecta las acciones sendXML. • https://github.com/fusioninventory/fusioninventory-for-glpi/commit/0f777f85773b18f5252e79afa1929fcdc4858c3a https://github.com/fusioninventory/fusioninventory-for-glpi/compare/260a864...e1f776d https://github.com/fusioninventory/fusioninventory-for-glpi/compare/cec774a...baa4158 https://github.com/fusioninventory/fusioninventory-for-glpi/releases/tag/glpi9.3%2B1.4 https://github.com/fusioninventory/fusioninventory-for-glpi/releases/tag/glpi9.4%2B1.1 • CWE-19: Data Processing Errors •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10233
https://notcve.org/view.php?id=CVE-2019-10233
Teclib GLPI before 9.4.1.1 is affected by a timing attack associated with a cookie. Teclib GLPI, en versiones anteriores a la 9.4.1.1, se ha visto afectado por un ataque de sincronización asociado a una cookie. • https://github.com/glpi-project/glpi/pull/5562 https://github.com/glpi-project/glpi/releases/tag/9.4.1.1 • CWE-203: Observable Discrepancy •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-13049
https://notcve.org/view.php?id=CVE-2018-13049
The constructSQL function in inc/search.class.php in GLPI 9.2.x through 9.3.0 allows SQL Injection, as demonstrated by triggering a crafted LIMIT clause to front/computer.php. La función constructSQL en inc/search.class.php en GLPI en versiones 9.2.x hasta la 9.3.0 permite la inyección SQL, tal y como queda demostrado con la activación de una cláusula LIMIT en front/computer.php. • https://github.com/glpi-project/glpi/issues/4270 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7562
https://notcve.org/view.php?id=CVE-2018-7562
A remote code execution issue was discovered in GLPI through 9.2.1. There is a race condition that allows temporary access to an uploaded executable file that will be disallowed. The application allows an authenticated user to upload a file when he/she creates a new ticket via front/fileupload.php. This feature is protected using different types of security features like the check on the file's extension. However, the application uploads and creates a file, though this file is not allowed, and then deletes the file in the uploadFiles method in inc/glpiuploaderhandler.class.php. • https://github.com/glpi-project/glpi/pull/3650 https://membership.backbox.org/glpi-9-2-1-multiple-vulnerabilities • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7563
https://notcve.org/view.php?id=CVE-2018-7563
An issue was discovered in GLPI through 9.2.1. The application is affected by XSS in the query string to front/preference.php. An attacker is able to create a malicious URL that, if opened by an authenticated user with debug privilege, will execute JavaScript code supplied by the attacker. The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes. Se ha descubierto un problema en GLPI hasta su versión 9.2.1. • https://github.com/glpi-project/glpi/pull/3647 https://membership.backbox.org/glpi-9-2-1-multiple-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •