CVE-2014-9258

Опубликовано: 19 дек. 2014

Источник: debian

Описание

SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
glpi	removed			package

Примечания

Only supported behind an authenticated HTTP zone

Связанные уязвимости

CVE-2014-9258

ubuntu

около 11 лет назад

SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.

CVE-2014-9258

nvd

около 11 лет назад

SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.

GHSA-rv52-jqj3-929g

github

больше 3 лет назад

SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.