Exposure of GLPI

CRM, Web frameworks

51

exposure score

131

sites use

0

exploited

8

critical

CVEs

163 results

CVE-2020-11033MEDIUMAble to read any token through API user endpoint in GLPIEPSS 1.0%CVE-2020-15226MEDIUMSQL Injection in GLPI Search APIEPSS 1.0%CVE-2020-11032HIGHSQL injection on addme_observer and addme_assign in GLPIEPSS 1.0%CVE-2021-39213MEDIUMIP restriction on GLPI API Bypass with custom header injectionEPSS 1.0%CVE-2020-15217MEDIUMUser data exposure in GLPIEPSS 1.0%CVE-2021-39210MEDIUMAutologin cookie accessible by scriptsEPSS 1.0%CVE-2021-21313MEDIUMXSS on tabsEPSS 0.9%CVE-2022-35947CRITICALSQL injection in GLPIEPSS 0.9%CVE-2023-42461MEDIUMSQL injection in ITIL actors in GLPIEPSS 0.9%CVE-2024-23645MEDIUMGLPI reflected XSS in reports pagesEPSS 0.9%CVE-2023-51446MEDIUMGLPI LDAP Injection during authenticationEPSS 0.9%CVE-2021-21255MEDIUMentities switch IDOREPSS 0.9%CVE-2023-42802CRITICALGLPI vulnerable to unallowed PHP script executionEPSS 0.8%CVE-2023-22500HIGHglpi Unauthorized access to inventory filesEPSS 0.8%CVE-2023-28634HIGHGLPI vulnerable to Privilege Escalation from Technician to Super-AdminEPSS 0.8%CVE-2024-27914MEDIUMReflected Cross-Site Scripting (XSS) in search engine when debug mode is enabled in GLPIEPSS 0.8%CVE-2020-11036HIGHXSS in GLPIEPSS 0.8%CVE-2020-11035HIGHweak CSRF tokens in GLPIEPSS 0.8%CVE-2023-28838CRITICALGLPI vulnerable to SQL injection through dynamic reportsEPSS 0.8%CVE-2020-15177HIGHUnauthenticated Stored XSS in GLPIEPSS 0.8%

← previouspage 3 / 9next →

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →