cve/CVE-2024-29889.md at f0ac04d7677853df048666db730bdfce74d87780

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

GLPI is a Free Asset and IT Management Software package. Prior to 10.0.15, an authenticated user can exploit a SQL injection vulnerability in the saved searches feature to alter another user account data take control of it. This vulnerability is fixed in 10.0.15.

POC

Reference

No PoCs from references.

Github

https://github.com/PhDLeToanThang/itil-helpdesk
https://github.com/fkie-cad/nvd-json-data-feeds

908 B Raw Blame History

CVE-2024-29889

Description

POC

Reference

Github

908 B

Raw Blame History