ALT-PU-2017-2291-1

CVE-2017-11183

MEDIUM4.9

front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter.

Опубликовано: 2017-07-28Изменено: 2025-04-20

CVSS 2.0СРЕДНЯЯ 5.5

CVSS:2.0/AV:N/AC:L/Au:S/C:N/I:P/A:P

CVSS 3.xСРЕДНЯЯ 4.9

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Ссылки

CVE-2017-11184

CRITICAL9.8

SQL injection exists in front/devicesoundcard.php in GLPI before 9.1.5 via the start parameter.

Опубликовано: 2017-07-28Изменено: 2025-04-20

CVSS 2.0ВЫСОКАЯ 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xКРИТИЧЕСКАЯ 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Ссылки

CVE-2017-11329

CRITICAL9.8

GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entity_restrict parameter that is not a list of integers.

Опубликовано: 2017-07-17Изменено: 2025-04-20

CVSS 2.0ВЫСОКАЯ 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xКРИТИЧЕСКАЯ 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Ссылки

CVE-2017-11474

CRITICAL9.8

GLPI before 9.1.5.1 has SQL Injection in the $crit variable in inc/computer_softwareversion.class.php, exploitable via ajax/common.tabs.php.

Опубликовано: 2017-07-20Изменено: 2025-04-20

CVSS 2.0ВЫСОКАЯ 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xКРИТИЧЕСКАЯ 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Ссылки

CVE-2017-11475

HIGH8.8

GLPI before 9.1.5.1 has SQL Injection in the condition rule field, exploitable via front/rulesengine.test.php.

Опубликовано: 2017-07-20Изменено: 2025-04-20

CVSS 2.0СРЕДНЯЯ 6.5

CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS 3.xВЫСОКАЯ 8.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Ссылки

Обновление пакета glpi в ветке sisyphus

Закрытые проблемы (5)

front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter.

SQL injection exists in front/devicesoundcard.php in GLPI before 9.1.5 via the start parameter.

GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entity_restrict parameter that is not a list of integers.

GLPI before 9.1.5.1 has SQL Injection in the $crit variable in inc/computer_softwareversion.class.php, exploitable via ajax/common.tabs.php.

GLPI before 9.1.5.1 has SQL Injection in the condition rule field, exploitable via front/rulesengine.test.php.