Glpi · Glpi · CVE-2012-1037
**Name of the Vulnerable Software and Affected Versions**
GLPI versions 0.78 through 0.80.61
**Description**
The issue allows remote authenticated users to execute arbitrary PHP code via a URL in the `sub type` parameter in the front/popup.php file.
**Recommendations**
For GLPI versions 0.78 through 0.80.61, update to a version that contains a fix for this issue to prevent remote execution of arbitrary PHP code.