Glpi-project : Security Vulnerabilities, CVEs, Published In 2012
Multiple cross-site scripting (XSS) vulnerabilities in GLPI-PROJECT GLPI before 0.83.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
Max CVSS
4.3
EPSS Score
0.22%
Published
2012-10-09
Updated
2013-04-11
Cross-site request forgery (CSRF) vulnerability in GLPI-PROJECT GLPI before 0.83.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Max CVSS
6.8
EPSS Score
0.24%
Published
2012-10-09
Updated
2013-04-11
PHP remote file inclusion vulnerability in front/popup.php in GLPI 0.78 through 0.80.61 allows remote authenticated users to execute arbitrary PHP code via a URL in the sub_type parameter.
Max CVSS
6.5
EPSS Score
0.37%
Published
2012-07-12
Updated
2012-07-16
3 vulnerabilities found