Glpi Project Glpi Inventory
By the Year
In 2023 there have been 0 vulnerabilities in Glpi Project Glpi Inventory . Last year Glpi Inventory had 2 security vulnerabilities published. Right now, Glpi Inventory is on track to have less security vulnerabilities in 2023 than it did last year.
It may take a day or so for new Glpi Inventory vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Glpi Project Glpi Inventory Security Vulnerabilities
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing
9.8 - Critical
- June 27, 2022
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. glpi-inventory-plugin is a plugin for GLPI to handle inventory management. In affected versions a SQL injection can be made using package deployment tasks. This issue has been resolved in version 1.0.2. Users are advised to upgrade. Users unable to upgrade should delete the `front/deploypackage.public.php` file if they are not using the `deploy tasks` feature.
### Impact A plugin public script can be used to read content of system files
5.3 - Medium
- June 20, 2022
### Impact A plugin public script can be used to read content of system files. ### Patches Upgrade to version 1.0.2. ### Workarounds `b/deploy/index.php` file can be deleted if deploy feature is not used.