CVE-2017-11474CVE-2017-11474

Affected configuration(s):

cpe:/a:glpi-project:glpi:9.1.5.0

Date published: 2017-07-20T00:29:00.360-04:00

Date last modified: 2017-07-21T12:34:41.493-04:00

CVSS Score: 7.5

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: https://github.com/glpi-project/glpi/issues/2475

Summary: GLPI before 9.1.5.1 has SQL Injection in the $crit variable in inc/computer_softwareversion.class.php, exploitable via ajax/common.tabs.php.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.