Search criteria
11 vulnerabilities by pluginsGLPI
CVE-2025-65035 (GCVE-0-2025-65035)
Vulnerability from cvelistv5 – Published: 2025-12-19 16:35 – Updated: 2025-12-19 18:00
VLAI?
Title
GLPI Database Inventory Plugin Vulnerable to Stored Object Injection
Summary
pluginsGLPI's Database Inventory Plugin "manages" the Teclib' inventory agents in order to perform an inventory of the databases present on the workstation. Prior to version 1.1.2, in certain conditions (database write access must first be obtained through another vulnerability or misconfiguration), user-controlled data is stored insecurely in the database via computergroup, and is later unserialized on every page load, allowing arbitrary PHP object instantiation. Version 1.1.2 fixes the issue.
Severity ?
6.4 (Medium)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pluginsGLPI | databaseinventory |
Affected:
< 1.1.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-65035",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T17:24:10.147346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T18:00:25.116Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "databaseinventory",
"vendor": "pluginsGLPI",
"versions": [
{
"status": "affected",
"version": "\u003c 1.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "pluginsGLPI\u0027s Database Inventory Plugin \"manages\" the Teclib\u0027 inventory agents in order to perform an inventory of the databases present on the workstation. Prior to version 1.1.2, in certain conditions (database write access must first be obtained through another vulnerability or misconfiguration), user-controlled data is stored insecurely in the database via computergroup, and is later unserialized on every page load, allowing arbitrary PHP object instantiation. Version 1.1.2 fixes the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T16:35:56.944Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pluginsGLPI/databaseinventory/security/advisories/GHSA-xc3r-32rx-3j4j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pluginsGLPI/databaseinventory/security/advisories/GHSA-xc3r-32rx-3j4j"
},
{
"name": "https://github.com/pluginsGLPI/databaseinventory/commit/08c7055d2c5fc744cb092d7d56a608e359c56f1a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/databaseinventory/commit/08c7055d2c5fc744cb092d7d56a608e359c56f1a"
},
{
"name": "https://github.com/pluginsGLPI/databaseinventory/blob/1.1.2/CHANGELOG.md#112---2025-11-25",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/databaseinventory/blob/1.1.2/CHANGELOG.md#112---2025-11-25"
}
],
"source": {
"advisory": "GHSA-xc3r-32rx-3j4j",
"discovery": "UNKNOWN"
},
"title": "GLPI Database Inventory Plugin Vulnerable to Stored Object Injection"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-65035",
"datePublished": "2025-12-19T16:35:56.944Z",
"dateReserved": "2025-11-13T15:36:51.684Z",
"dateUpdated": "2025-12-19T18:00:25.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53360 (GCVE-0-2025-53360)
Vulnerability from cvelistv5 – Published: 2025-11-18 16:12 – Updated: 2025-11-18 18:22
VLAI?
Title
pluginsGLPI's Database Inventory Plugin allows any authenticated user to send agent requests
Summary
pluginsGLPI's Database Inventory Plugin "manages" the Teclib' inventory agents in order to perform an inventory of the databases present on the workstation. In versions prior to 1.0.3, any authenticated user could send requests to agents. This issue has been patched in version 1.0.3.
Severity ?
4.3 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pluginsGLPI | databaseinventory |
Affected:
< 1.0.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53360",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T18:22:19.644618Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T18:22:25.605Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "databaseinventory",
"vendor": "pluginsGLPI",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "pluginsGLPI\u0027s Database Inventory Plugin \"manages\" the Teclib\u0027 inventory agents in order to perform an inventory of the databases present on the workstation. In versions prior to 1.0.3, any authenticated user could send requests to agents. This issue has been patched in version 1.0.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T16:12:15.116Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pluginsGLPI/databaseinventory/security/advisories/GHSA-5j5j-xr62-jr58",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pluginsGLPI/databaseinventory/security/advisories/GHSA-5j5j-xr62-jr58"
},
{
"name": "https://github.com/pluginsGLPI/databaseinventory/commit/0a376a0c6f4142e11ea518faefe95c01b176fd87",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/databaseinventory/commit/0a376a0c6f4142e11ea518faefe95c01b176fd87"
},
{
"name": "https://github.com/pluginsGLPI/databaseinventory/commit/7dcad1efb6ee84e9cffb3b446cdb47dc0be1091e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/databaseinventory/commit/7dcad1efb6ee84e9cffb3b446cdb47dc0be1091e"
},
{
"name": "https://github.com/pluginsGLPI/databaseinventory/commit/e9d4474acdab4141a6f4798cdd406b0d04480269",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/databaseinventory/commit/e9d4474acdab4141a6f4798cdd406b0d04480269"
}
],
"source": {
"advisory": "GHSA-5j5j-xr62-jr58",
"discovery": "UNKNOWN"
},
"title": "pluginsGLPI\u0027s Database Inventory Plugin allows any authenticated user to send agent requests"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53360",
"datePublished": "2025-11-18T16:12:15.116Z",
"dateReserved": "2025-06-27T12:57:16.121Z",
"dateUpdated": "2025-11-18T18:22:25.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-27153 (GCVE-0-2025-27153)
Vulnerability from cvelistv5 – Published: 2025-07-01 18:27 – Updated: 2025-07-01 19:35
VLAI?
Title
Escalade GLPI Plugin Vulnerable to Improper Access Control
Summary
Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11.
Severity ?
6.5 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pluginsGLPI | escalade |
Affected:
< 2.9.11
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27153",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-01T19:34:37.266649Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-01T19:35:43.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "escalade",
"vendor": "pluginsGLPI",
"versions": [
{
"status": "affected",
"version": "\u003c 2.9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-01T18:27:50.677Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pluginsGLPI/escalade/security/advisories/GHSA-pvqv-8r3r-47m9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pluginsGLPI/escalade/security/advisories/GHSA-pvqv-8r3r-47m9"
},
{
"name": "https://github.com/pluginsGLPI/escalade/releases/tag/2.9.11",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/escalade/releases/tag/2.9.11"
}
],
"source": {
"advisory": "GHSA-pvqv-8r3r-47m9",
"discovery": "UNKNOWN"
},
"title": "Escalade GLPI Plugin Vulnerable to Improper Access Control"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-27153",
"datePublished": "2025-07-01T18:27:50.677Z",
"dateReserved": "2025-02-19T16:30:47.780Z",
"dateUpdated": "2025-07-01T19:35:43.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-53850 (GCVE-0-2024-53850)
Vulnerability from cvelistv5 – Published: 2024-12-26 21:41 – Updated: 2024-12-27 16:18
VLAI?
Title
The Addressing GLPI plugin allows data enumeration through uncontrolled object instantiation
Summary
The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Starting with 3.0.0 and before 3.0.3, a poor security check allows an unauthenticated attacker to determine whether data exists (by name) in GLPI.
Severity ?
8.2 (High)
CWE
- CWE-470 - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pluginsGLPI | addressing |
Affected:
>= 3.0.0 < 3.0.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-53850",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T16:18:33.280505Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T16:18:41.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "addressing",
"vendor": "pluginsGLPI",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0 \u003c 3.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Starting with 3.0.0 and before 3.0.3, a poor security check allows an unauthenticated attacker to determine whether data exists (by name) in GLPI."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-470",
"description": "CWE-470: Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T21:41:55.270Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pluginsGLPI/addressing/security/advisories/GHSA-fw42-79gw-7qr9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pluginsGLPI/addressing/security/advisories/GHSA-fw42-79gw-7qr9"
},
{
"name": "https://github.com/pluginsGLPI/addressing/commit/b334187a99206abbd7d0bc84f720b0a6e69e92f0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/addressing/commit/b334187a99206abbd7d0bc84f720b0a6e69e92f0"
}
],
"source": {
"advisory": "GHSA-fw42-79gw-7qr9",
"discovery": "UNKNOWN"
},
"title": "The Addressing GLPI plugin allows data enumeration through uncontrolled object instantiation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-53850",
"datePublished": "2024-12-26T21:41:55.270Z",
"dateReserved": "2024-11-22T17:30:02.140Z",
"dateUpdated": "2024-12-27T16:18:41.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-45600 (GCVE-0-2024-45600)
Vulnerability from cvelistv5 – Published: 2024-12-26 21:27 – Updated: 2024-12-30 14:53
VLAI?
Title
Fields GLPI plugin has an Authenticated SQL Injection
Summary
Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to 1.21.13, an authenticated user can perform a SQL injection when the plugin is active. The vulnerability is fixed in 1.21.13.
Severity ?
7.7 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pluginsGLPI | fields |
Affected:
< 1.21.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45600",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-30T14:53:11.947866Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T14:53:26.436Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "fields",
"vendor": "pluginsGLPI",
"versions": [
{
"status": "affected",
"version": "\u003c 1.21.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to 1.21.13, an authenticated user can perform a SQL injection when the plugin is active. The vulnerability is fixed in 1.21.13."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T21:27:01.168Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pluginsGLPI/fields/security/advisories/GHSA-wwxw-64g6-2992",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pluginsGLPI/fields/security/advisories/GHSA-wwxw-64g6-2992"
},
{
"name": "https://github.com/pluginsGLPI/fields/commit/eb927b0f084ee4ef6c87ab2eb7a15e99369e74ae#diff-a7024a397fba9a026157683da73cc675ec6b73bd900374b3836bcdc76ec7bd5cR1166",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/fields/commit/eb927b0f084ee4ef6c87ab2eb7a15e99369e74ae#diff-a7024a397fba9a026157683da73cc675ec6b73bd900374b3836bcdc76ec7bd5cR1166"
}
],
"source": {
"advisory": "GHSA-wwxw-64g6-2992",
"discovery": "UNKNOWN"
},
"title": "Fields GLPI plugin has an Authenticated SQL Injection"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-45600",
"datePublished": "2024-12-26T21:27:01.168Z",
"dateReserved": "2024-09-02T16:00:02.423Z",
"dateUpdated": "2024-12-30T14:53:26.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33971 (GCVE-0-2023-33971)
Vulnerability from cvelistv5 – Published: 2023-05-31 17:56 – Updated: 2025-01-09 20:20
VLAI?
Title
Formcreator vulnerable to stored XSS from ##FULLFORM##
Summary
Formcreator is a GLPI plugin which allow creation of custom forms and the creation of one or more tickets when the form is filled. A probable stored cross-site scripting vulnerability is present in Formcreator 2.13.5 and prior via the use of the use of `##FULLFORM##` for rendering. This could result in arbitrary javascript code execution in an admin/tech context. A patch is unavailable as of time of publication. As a workaround, one may use a regular expression to remove `< > "` in all fields.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pluginsGLPI | formcreator |
Affected:
<= 2.13.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:14.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/pluginsGLPI/formcreator/security/advisories/GHSA-777g-3848-8r3g",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/formcreator/security/advisories/GHSA-777g-3848-8r3g"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33971",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T20:20:29.619837Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T20:20:40.283Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "formcreator",
"vendor": "pluginsGLPI",
"versions": [
{
"status": "affected",
"version": "\u003c= 2.13.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Formcreator is a GLPI plugin which allow creation of custom forms and the creation of one or more tickets when the form is filled. A probable stored cross-site scripting vulnerability is present in Formcreator 2.13.5 and prior via the use of the use of `##FULLFORM##` for rendering. This could result in arbitrary javascript code execution in an admin/tech context. A patch is unavailable as of time of publication. As a workaround, one may use a regular expression to remove `\u003c \u003e \"` in all fields."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-31T17:56:18.413Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pluginsGLPI/formcreator/security/advisories/GHSA-777g-3848-8r3g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pluginsGLPI/formcreator/security/advisories/GHSA-777g-3848-8r3g"
}
],
"source": {
"advisory": "GHSA-777g-3848-8r3g",
"discovery": "UNKNOWN"
},
"title": "Formcreator vulnerable to stored XSS from ##FULLFORM##"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-33971",
"datePublished": "2023-05-31T17:56:18.413Z",
"dateReserved": "2023-05-24T13:46:35.954Z",
"dateUpdated": "2025-01-09T20:20:40.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29006 (GCVE-0-2023-29006)
Vulnerability from cvelistv5 – Published: 2023-04-05 17:53 – Updated: 2025-02-10 15:23
VLAI?
Title
Order GLPI plugin vulnerable to remote code execution from authenticated user
Summary
The Order GLPI plugin allows users to manage order management within GLPI. Starting with version 1.8.0 and prior to versions 2.7.7 and 2.10.1, an authenticated user that has access to standard interface can craft an URL that can be used to execute a system command. Versions 2.7.7 and 2.10.1 contain a patch for this issue. As a workaround, delete the `ajax/dropdownContact.php` file from the plugin.
Severity ?
8.8 (High)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pluginsGLPI | order |
Affected:
>= 1.8.0, < 2.7.7
Affected: >= 2.10.0, < 2.10.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:14.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/pluginsGLPI/order/security/advisories/GHSA-xfx2-qx2r-3wwm",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/order/security/advisories/GHSA-xfx2-qx2r-3wwm"
},
{
"name": "https://github.com/pluginsGLPI/order/commit/c78e64b95e54d5e47d9835984c93049f245b579e",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/order/commit/c78e64b95e54d5e47d9835984c93049f245b579e"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29006",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T15:23:31.220646Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T15:23:39.714Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "order",
"vendor": "pluginsGLPI",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.8.0, \u003c 2.7.7"
},
{
"status": "affected",
"version": "\u003e= 2.10.0, \u003c 2.10.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Order GLPI plugin allows users to manage order management within GLPI. Starting with version 1.8.0 and prior to versions 2.7.7 and 2.10.1, an authenticated user that has access to standard interface can craft an URL that can be used to execute a system command. Versions 2.7.7 and 2.10.1 contain a patch for this issue. As a workaround, delete the `ajax/dropdownContact.php` file from the plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-05T17:53:03.041Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pluginsGLPI/order/security/advisories/GHSA-xfx2-qx2r-3wwm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pluginsGLPI/order/security/advisories/GHSA-xfx2-qx2r-3wwm"
},
{
"name": "https://github.com/pluginsGLPI/order/commit/c78e64b95e54d5e47d9835984c93049f245b579e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/order/commit/c78e64b95e54d5e47d9835984c93049f245b579e"
}
],
"source": {
"advisory": "GHSA-xfx2-qx2r-3wwm",
"discovery": "UNKNOWN"
},
"title": "Order GLPI plugin vulnerable to remote code execution from authenticated user"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-29006",
"datePublished": "2023-04-05T17:53:03.041Z",
"dateReserved": "2023-03-29T17:39:16.142Z",
"dateUpdated": "2025-02-10T15:23:39.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28855 (GCVE-0-2023-28855)
Vulnerability from cvelistv5 – Published: 2023-04-05 17:48 – Updated: 2025-02-10 16:27
VLAI?
Title
Fields GLPI plugin vulnerable to unauthorized write access to additional fields
Summary
Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to versions 1.13.1 and 1.20.4, lack of access control check allows any authenticated user to write data to any fields container, including those to which they have no configured access. Versions 1.13.1 and 1.20.4 contain a patch for this issue.
Severity ?
6.5 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pluginsGLPI | fields |
Affected:
< 1.13.1
Affected: >= 1.20.0, < 1.20.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/pluginsGLPI/fields/security/advisories/GHSA-52vv-hm4x-8584",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/fields/security/advisories/GHSA-52vv-hm4x-8584"
},
{
"name": "https://github.com/pluginsGLPI/fields/commit/784260be7db185bb1e7d66b299997238c4c0205d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/fields/commit/784260be7db185bb1e7d66b299997238c4c0205d"
},
{
"name": "https://github.com/pluginsGLPI/fields/releases/tag/1.13.1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/fields/releases/tag/1.13.1"
},
{
"name": "https://github.com/pluginsGLPI/fields/releases/tag/1.20.4",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/fields/releases/tag/1.20.4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28855",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T16:27:27.665693Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T16:27:40.112Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "fields",
"vendor": "pluginsGLPI",
"versions": [
{
"status": "affected",
"version": "\u003c 1.13.1"
},
{
"status": "affected",
"version": "\u003e= 1.20.0, \u003c 1.20.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to versions 1.13.1 and 1.20.4, lack of access control check allows any authenticated user to write data to any fields container, including those to which they have no configured access. Versions 1.13.1 and 1.20.4 contain a patch for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-05T17:48:22.384Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pluginsGLPI/fields/security/advisories/GHSA-52vv-hm4x-8584",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pluginsGLPI/fields/security/advisories/GHSA-52vv-hm4x-8584"
},
{
"name": "https://github.com/pluginsGLPI/fields/commit/784260be7db185bb1e7d66b299997238c4c0205d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/fields/commit/784260be7db185bb1e7d66b299997238c4c0205d"
},
{
"name": "https://github.com/pluginsGLPI/fields/releases/tag/1.13.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/fields/releases/tag/1.13.1"
},
{
"name": "https://github.com/pluginsGLPI/fields/releases/tag/1.20.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/fields/releases/tag/1.20.4"
}
],
"source": {
"advisory": "GHSA-52vv-hm4x-8584",
"discovery": "UNKNOWN"
},
"title": "Fields GLPI plugin vulnerable to unauthorized write access to additional fields"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-28855",
"datePublished": "2023-04-05T17:48:22.384Z",
"dateReserved": "2023-03-24T16:25:34.468Z",
"dateUpdated": "2025-02-10T16:27:40.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39190 (GCVE-0-2021-39190)
Vulnerability from cvelistv5 – Published: 2022-09-22 16:30 – Updated: 2025-04-23 16:56
VLAI?
Title
SCCM plugin for GLPI vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
Summary
The SCCM plugin for GLPI is a plugin to synchronize computers from SCCM (version 1802) to GLPI. In versions prior to 2.3.0, the Configuration page is publicly accessible in read-only mode. This issue is patched in version 2.3.0. No known workarounds exist.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pluginsGLPI | sccm |
Affected:
< 2.3.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:58:18.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/sccm/security/advisories/GHSA-3324-57w6-jxcq"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/sccm/commit/29a7f92d32a0cf9aa3f22c52c50b738274d2813e"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-39190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:51:15.454232Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:56:34.675Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "sccm",
"vendor": "pluginsGLPI",
"versions": [
{
"status": "affected",
"version": "\u003c 2.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The SCCM plugin for GLPI is a plugin to synchronize computers from SCCM (version 1802) to GLPI. In versions prior to 2.3.0, the Configuration page is publicly accessible in read-only mode. This issue is patched in version 2.3.0. No known workarounds exist."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-22T16:30:15.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pluginsGLPI/sccm/security/advisories/GHSA-3324-57w6-jxcq"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/sccm/commit/29a7f92d32a0cf9aa3f22c52c50b738274d2813e"
}
],
"source": {
"advisory": "GHSA-3324-57w6-jxcq",
"discovery": "UNKNOWN"
},
"title": "SCCM plugin for GLPI vulnerable to Exposure of Sensitive Information to an Unauthorized Actor",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-39190",
"STATE": "PUBLIC",
"TITLE": "SCCM plugin for GLPI vulnerable to Exposure of Sensitive Information to an Unauthorized Actor"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "sccm",
"version": {
"version_data": [
{
"version_value": "\u003c 2.3.0"
}
]
}
}
]
},
"vendor_name": "pluginsGLPI"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SCCM plugin for GLPI is a plugin to synchronize computers from SCCM (version 1802) to GLPI. In versions prior to 2.3.0, the Configuration page is publicly accessible in read-only mode. This issue is patched in version 2.3.0. No known workarounds exist."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/pluginsGLPI/sccm/security/advisories/GHSA-3324-57w6-jxcq",
"refsource": "CONFIRM",
"url": "https://github.com/pluginsGLPI/sccm/security/advisories/GHSA-3324-57w6-jxcq"
},
{
"name": "https://github.com/pluginsGLPI/sccm/commit/29a7f92d32a0cf9aa3f22c52c50b738274d2813e",
"refsource": "MISC",
"url": "https://github.com/pluginsGLPI/sccm/commit/29a7f92d32a0cf9aa3f22c52c50b738274d2813e"
}
]
},
"source": {
"advisory": "GHSA-3324-57w6-jxcq",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-39190",
"datePublished": "2022-09-22T16:30:15.000Z",
"dateReserved": "2021-08-16T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:56:34.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43779 (GCVE-0-2021-43779)
Vulnerability from cvelistv5 – Published: 2022-01-05 18:45 – Updated: 2025-09-08 15:33
VLAI?
Title
Remote Command Execution vulnerability
Summary
GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions < 2.9.1 suffers from authenticated Remote Code Execution vulnerability, allowing access to the server's underlying operating system using command injection abuse of functionality. There is no workaround for this issue and users are advised to upgrade or to disable the addressing plugin.
Severity ?
9.9 (Critical)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pluginsGLPI | addressing |
Affected:
< 2.9.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-09-08T15:33:16.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://github.com/hansmach1ne/CVE-portfolio/tree/main/CVE-2021-43779"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/addressing/security/advisories/GHSA-q5fp-xpr8-77jh"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/addressing/commit/6f55964803054a5acb5feda92c7c7f1d91ab5366"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/hansmach1ne/MyExploits/tree/main/RCE_GLPI_addressing_plugin"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-43779",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T15:42:30.567643Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T18:34:23.930Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "addressing",
"vendor": "pluginsGLPI",
"versions": [
{
"status": "affected",
"version": "\u003c 2.9.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions \u003c 2.9.1 suffers from authenticated Remote Code Execution vulnerability, allowing access to the server\u0027s underlying operating system using command injection abuse of functionality. There is no workaround for this issue and users are advised to upgrade or to disable the addressing plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-16T18:00:25.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pluginsGLPI/addressing/security/advisories/GHSA-q5fp-xpr8-77jh"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/addressing/commit/6f55964803054a5acb5feda92c7c7f1d91ab5366"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/hansmach1ne/MyExploits/tree/main/RCE_GLPI_addressing_plugin"
}
],
"source": {
"advisory": "GHSA-q5fp-xpr8-77jh",
"discovery": "UNKNOWN"
},
"title": "Remote Command Execution vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-43779",
"STATE": "PUBLIC",
"TITLE": "Remote Command Execution vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "addressing",
"version": {
"version_data": [
{
"version_value": "\u003c 2.9.1"
}
]
}
}
]
},
"vendor_name": "pluginsGLPI"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions \u003c 2.9.1 suffers from authenticated Remote Code Execution vulnerability, allowing access to the server\u0027s underlying operating system using command injection abuse of functionality. There is no workaround for this issue and users are advised to upgrade or to disable the addressing plugin."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/pluginsGLPI/addressing/security/advisories/GHSA-q5fp-xpr8-77jh",
"refsource": "CONFIRM",
"url": "https://github.com/pluginsGLPI/addressing/security/advisories/GHSA-q5fp-xpr8-77jh"
},
{
"name": "https://github.com/pluginsGLPI/addressing/commit/6f55964803054a5acb5feda92c7c7f1d91ab5366",
"refsource": "MISC",
"url": "https://github.com/pluginsGLPI/addressing/commit/6f55964803054a5acb5feda92c7c7f1d91ab5366"
},
{
"name": "https://github.com/hansmach1ne/MyExploits/tree/main/RCE_GLPI_addressing_plugin",
"refsource": "MISC",
"url": "https://github.com/hansmach1ne/MyExploits/tree/main/RCE_GLPI_addressing_plugin"
}
]
},
"source": {
"advisory": "GHSA-q5fp-xpr8-77jh",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-43779",
"datePublished": "2022-01-05T18:45:11.000Z",
"dateReserved": "2021-11-16T00:00:00.000Z",
"dateUpdated": "2025-09-08T15:33:16.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43778 (GCVE-0-2021-43778)
Vulnerability from cvelistv5 – Published: 2021-11-24 18:50 – Updated: 2025-09-08 15:26
VLAI?
Title
Path traversal in GLPI barcode plugin
Summary
Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file.
Severity ?
9.1 (Critical)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pluginsGLPI | barcode |
Affected:
>= 2.0.0, < 2.6.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-09-08T15:26:50.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://github.com/hansmach1ne/CVE-portfolio/tree/main/CVE-2021-43778"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/barcode/security/advisories/GHSA-2pjh-h828-wcw9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/barcode/commit/428c3d9adfb446e8492b1c2b7affb3d34072ff46"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/hansmach1ne/MyExploits/tree/main/Path%20Traversal%20in%20GLPI%20Barcode%20plugin"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pluginsGLPI/barcode/releases/tag/2.6.1"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"product": "barcode",
"vendor": "pluginsGLPI",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 2.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-24T18:50:10.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pluginsGLPI/barcode/security/advisories/GHSA-2pjh-h828-wcw9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/barcode/commit/428c3d9adfb446e8492b1c2b7affb3d34072ff46"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/hansmach1ne/MyExploits/tree/main/Path%20Traversal%20in%20GLPI%20Barcode%20plugin"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pluginsGLPI/barcode/releases/tag/2.6.1"
}
],
"source": {
"advisory": "GHSA-2pjh-h828-wcw9",
"discovery": "UNKNOWN"
},
"title": "Path traversal in GLPI barcode plugin",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-43778",
"STATE": "PUBLIC",
"TITLE": "Path traversal in GLPI barcode plugin"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "barcode",
"version": {
"version_data": [
{
"version_value": "\u003e= 2.0.0, \u003c 2.6.1"
}
]
}
}
]
},
"vendor_name": "pluginsGLPI"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/pluginsGLPI/barcode/security/advisories/GHSA-2pjh-h828-wcw9",
"refsource": "CONFIRM",
"url": "https://github.com/pluginsGLPI/barcode/security/advisories/GHSA-2pjh-h828-wcw9"
},
{
"name": "https://github.com/pluginsGLPI/barcode/commit/428c3d9adfb446e8492b1c2b7affb3d34072ff46",
"refsource": "MISC",
"url": "https://github.com/pluginsGLPI/barcode/commit/428c3d9adfb446e8492b1c2b7affb3d34072ff46"
},
{
"name": "https://github.com/hansmach1ne/MyExploits/tree/main/Path%20Traversal%20in%20GLPI%20Barcode%20plugin",
"refsource": "MISC",
"url": "https://github.com/hansmach1ne/MyExploits/tree/main/Path%20Traversal%20in%20GLPI%20Barcode%20plugin"
},
{
"name": "https://github.com/pluginsGLPI/barcode/releases/tag/2.6.1",
"refsource": "MISC",
"url": "https://github.com/pluginsGLPI/barcode/releases/tag/2.6.1"
}
]
},
"source": {
"advisory": "GHSA-2pjh-h828-wcw9",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-43778",
"datePublished": "2021-11-24T18:50:10.000Z",
"dateReserved": "2021-11-16T00:00:00.000Z",
"dateUpdated": "2025-09-08T15:26:50.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}