Exposure of GLPI

CRM, Web frameworks

51

exposure score

131

sites use

0

exploited

8

critical

CVEs

163 results

CVE-2024-45611MEDIUMGLPI has a stored XSS at src/RSSFeed.phpEPSS 0.3%CVE-2023-53943MEDIUMGLPI 9.5.7 Username Enumeration Vulnerability via Lost Password EndpointEPSS 0.3%CVE-2026-25937MEDIUMGLPI has a MFA bypassEPSS 0.3%CVE-2026-42318HIGHGLPI Vulnerable to Arbitrary Item Deletion via Planning EndpointEPSS 0.3%CVE-2026-25932HIGHGLPI has Stored XSS in Supplier 'Website' fieldEPSS 0.3%CVE-2025-64516HIGHGLPI incorrectly authorizes access to documentsEPSS 0.3%CVE-2026-40108HIGHGLPI Vulnerable to Stored XSS in ITIL CostsEPSS 0.3%CVE-2026-22044MEDIUMGLPI is Vulnerable to Authenticated SQL InjectionEPSS 0.3%CVE-2025-23024MEDIUMGLPI: Plugins are disabled accessing one pageEPSS 0.3%CVE-2026-44281HIGHGLPI vulnerable to unauthorized reading of a specific asset objectEPSS 0.3%CVE-2025-59935MEDIUMGLPI Vulnerable to Unauthenticated Stored XSS on the Inventory pageEPSS 0.2%CVE-2025-53111MEDIUMGLPI exposes data to non-allowed usersEPSS 0.2%CVE-2026-42320MEDIUMGLPI vulnerable to arbitrary file accessEPSS 0.2%CVE-2025-53008MEDIUMGLPI's MailCollector Receiver is vulnerable to credential exfiltrationEPSS 0.2%CVE-2026-32312MEDIUMGLPI: Unauthorized export of form structureEPSS 0.2%CVE-2025-53113LOWGLPI technicians can access unauthorized information through external linksEPSS 0.2%CVE-2025-52897MEDIUMGLPI is vulnerable to XSS and open redirection attacks through planning featureEPSS 0.2%CVE-2026-26027HIGHGLPI has an Unauthenticated Stored XSS via inventoryEPSS 0.2%CVE-2025-64520MEDIUMGLPI vulnerable to unauthorized access to restricted Knowledge Base items through the APIEPSS 0.2%CVE-2025-27514MEDIUMGLPI is susceptible to Stored XSS attack through project's kanbanEPSS 0.2%

← previouspage 8 / 9next →

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →