Vulnerabilidades em glpi-project
168 resultadosCVE-2025-24799HIGHGLPI allows unauthenticated SQL injection through the inventory endpointEPSS 86.2%CVE-2020-15175HIGHUnauthenticated File Deletion in GLPIEPSS 70.9%CVE-2023-46727HIGHGLPI SQL injection through inventory agent requestEPSS 67.1%CVE-2024-29889HIGHGLPI contains an SQL injection through the saved searchesEPSS 64.9%CVE-2024-31456HIGHGLPI contains an authenticated SQL injectionEPSS 63.0%CVE-2024-27096HIGHSQL Injection in through the search engineEPSS 62.7%CVE-2022-31061CRITICALSQL injection on login page in GLPIEPSS 51.2%CVE-2023-35924HIGHGLPI vulnerable to SQL injection via inventory agent requestEPSS 49.4%CVE-2023-36808HIGHGLPI vulnerable to SQL injection through Computer Virtual Machine informationEPSS 44.6%CVE-2024-27098MEDIUMBlind Server-Side Request Forgery (SSRF) using Arbitrary Object Instantiation in GLPIEPSS 39.0%CVE-2024-40638HIGHGLPI allows account takeover via SQL Injection in AJAX scriptsEPSS 37.0%CVE-2022-39323HIGHSQL Injection on REST API in GLPIEPSS 34.3%CVE-2023-41323MEDIUMUsers login enumeration by unauthenticated user in GLPIEPSS 34.1%CVE-2023-41320HIGHAccount takeover via SQL Injection in UI layout preferences in GLPIEPSS 32.1%CVE-2023-41326HIGHAccount takeover via Kanban feature in GLPIEPSS 31.2%CVE-2023-43813MEDIUMglpi Authenticated SQL InjectionEPSS 31.1%CVE-2024-27937MEDIUMglpi Users emails enumerationEPSS 26.8%CVE-2024-37149HIGHGLPI allows remote code execution through the plugin loaderEPSS 21.2%CVE-2024-37148HIGHGLPI allows account takeover via SQL Injection in AJAX scriptsEPSS 20.4%CVE-2024-50339CRITICALGLPI vulnerable to unauthenticated session hijackingEPSS 19.8%