GLPI-project GLPI 0.90.4

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:glpi-project:glpi:0.90.4:*:*:*:*:*:*:*

part: a version: 0.90.4 update: *

VendorGlpi Project (bef553f0-49a5-5069-ba42-78448263cef9)
ProductGlpi (5fde319e-7958-54ba-bdc3-1448651b65ce)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:docker/mrlioncub/glpi purl2cpe 2026-06-01 10:15:46.950650
pkg:github/glpi-project/glpi purl2cpe 2026-06-01 10:15:46.950651

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2016-7509 vulnerable 2026-06-03 14:36:07.995237 Details available
Cross-site scripting (XSS) vulnerability in GLPI 0.90.4 allows remote authenticated attackers to inject arbitrary web script or HTML by attaching a crafted HTML file to a ticket.
Published: 2017-07-19T13:00:00.000Z
Updated: 2024-08-06T01:57:47.634Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-7508 vulnerable 2026-06-03 14:36:07.994937 Details available
Multiple SQL injection vulnerabilities in GLPI 0.90.4 allow an authenticated remote attacker to execute arbitrary SQL commands by using a certain character when the database is configured to use Big5 Asian encoding.
Published: 2017-06-21T20:00:00.000Z
Updated: 2024-08-06T01:57:47.644Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-7507 vulnerable 2026-06-03 14:36:07.994537 Details available
Cross-Site Request Forgery (CSRF) vulnerability in GLPI 0.90.4 allows remote authenticated attackers to submit a request that could lead to the creation of an admin account in the application.
Published: 2017-07-19T13:00:00.000Z
Updated: 2024-08-06T01:57:47.645Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.