Teclib GLPI through 9.3.3 has SQL injection via the "cycle" parameter in /scripts/unlock_tasks.php.
References
Link | Resource |
---|---|
https://github.com/glpi-project/glpi/commit/684d4fc423652ec7dde21cac4d41c2df53f56b3c | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-03-27T16:23:10
Updated: 2019-03-27T16:23:10
Reserved: 2019-03-27T00:00:00
Link: CVE-2019-10232
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-03-27T17:29:02.370
Modified: 2019-03-28T17:34:17.450
Link: CVE-2019-10232
JSON object: View
Redhat Information
No data.
CWE