CVE-2021-44617

2022-03-2802:15:06

Google

osv.dev

8.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.5%

JSON

A SQL Injection vulnerability exits in the Ramo plugin for GLPI 9.4.6 via the idu parameter in plugins/ramo/ramoapirest.php/getOutdated.

CPENameOperatorVersion
glpieq9.1-RC1
glpieq9.4.0-beta
glpieq9.4.0-rc2
glpieq9.4.3
glpieq9.4.0
glpieq0.90.1
glpieq0.90-RC2
glpieq9.4.4
glpieq0.90
glpieq9.4.1.1

Name	Operator	Version
glpi	eq	9.1-RC1
glpi	eq	9.4.0-beta
glpi	eq	9.4.0-rc2
glpi	eq	9.4.3
glpi	eq	9.4.0
glpi	eq	0.90.1
glpi	eq	0.90-RC2
glpi	eq	9.4.4
glpi	eq	0.90
glpi	eq	9.4.1.1

Rows per page:

1-10 of 211

References

packetstormsecurity.com/files/166285/Baixar-GLPI-Project-9.4.6-SQL-Injection.html