PT-2026-30614 · Glpi+1 · Glpi+1
Shakun8
+1
·
Published
2026-04-06
·
Updated
2026-04-17
·
CVE-2026-29047
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
GLPI versions 10.0.0 through 10.0.23
GLPI versions prior to 11.0.6
Description
An authenticated user can perform a SQL injection, which is a technique where malicious SQL statements are inserted into entry fields for execution, via the logs export feature.
Recommendations
Update to version 10.0.24.
Update to version 11.0.6.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Glpi
Red Os