Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-31056

Опубликовано: 28 июн. 2022
Источник: nvd
CVSS3: 9.8
CVSS2: 7.5
EPSS Низкий

Описание

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all assistance forms (Ticket/Change/Problem) permit sql injection on the actor fields. This issue has been resolved in version 10.0.2 and all affected users are advised to upgrade.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*
Версия от 10.0.0 (включая) до 10.0.2 (исключая)

EPSS

Процентиль: 86%
0.03078
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89
CWE-89

Связанные уязвимости

ubuntu логотип

CVE-2022-31056

CVSS3: 9.8
ubuntu
больше 3 лет назад

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all assistance forms (Ticket/Change/Problem) permit sql injection on the actor fields. This issue has been resolved in version 10.0.2 and all affected users are advised to upgrade.

debian логотип

CVE-2022-31056

CVSS3: 9.8
debian
больше 3 лет назад

GLPI is a Free Asset and IT Management Software package, Data center m ...

EPSS

Процентиль: 86%
0.03078
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89
CWE-89