CVE-2019-10232 — Vulnetix

CVE-2019-10232 PUBLISHED

Teclib GLPI through 9.3.3 has SQL injection via the "cycle" parameter in /scripts/unlock_tasks.php.

EPSS 85.87% · 99.4th percentile

Risk Scores

EPSS Score

85.87%

99.4th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	glpi	0, 0.84.8+dfsg.1-1, 0.84.8+dfsg.1-1ubuntu1

Exploit Intelligence

(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)

…and 71 more exploits

Timeline

Jan 20, 1970 CrowdSec Sighting
Jan 20, 1970 CrowdSec Sighting
Jan 20, 1970 CrowdSec Sighting
Jan 20, 1970 CrowdSec Sighting
Jan 20, 1970 CrowdSec Sighting
Jan 21, 1970 CrowdSec Sighting
Jan 21, 1970 CrowdSec Sighting
Jan 21, 1970 CrowdSec Sighting
Jan 21, 1970 CrowdSec Sighting
Jan 21, 1970 CrowdSec Sighting
Jan 21, 1970 CrowdSec Sighting
Mar 27, 2019 CVE Published

References

https://ubuntu.com/security/CVE-2019-10232 third-party-advisory
https://github.com/glpi-project/glpi/commit/684d4fc423652ec7dde21cac4d41c2df53f56b3c third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2019-10232 third-party-advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›