CVE-2019-12530

Name of the Vulnerable Software and Affected Versions GLPI stdonato Dashboard plugin versions through 0.9.7

Description Incorrect access control was discovered in the stdonato Dashboard plugin for GLPI, affecting several PHP files in the front/sh directory, including df.php, issue.php, load.php, mem.php, traf.php, and uptime.php.

Recommendations For versions through 0.9.7, consider restricting access to the affected PHP files until a patch is available. As a temporary workaround, limit access to the front/sh directory to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.