oval:redos:def:6405

Scores

EPSS

0.000None0.0%

0%20%40%60%80%100%

Percentile: 0.0%

CVSS

0.0None3.x

0246810

CVSS Score: 0.0/10

All CVSS Scores

CVSS 3.x

0.0

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Уязвимость в модуле htmlawed системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI
связана с неправильной проверкой ввода в /vendor/htmlawed/htmlawed/htmLawedTest.php. Эксплуатация
уязвимости может позволить нарушителю, действующему удаленно, внедрить произвольных PHP код

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.

Learn more about Scaner-VS 7

Sources

redos

Related Vulnerabilities

CVE-2022-35914

Reference Links

https://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-glpi-cve-2022-35914/

https://nvd.nist.gov/vuln/detail/CVE-2022-35914

Vulnerable Software (2)

Type: Configuration

Product: glpi

Operating System: redos 7.3

Trait:

{
  "version_end_excluding": "0:9.5.13-1"
}

Source: redos

Type: Configuration

Product: glpi

Operating System: redos 7.3

Trait:

{
  "version_end_excluding": "0:9.5.13-1"
}

Source: redos

Russian Vulnerability Scanner Database

oval:redos:def:6405

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

c

i

a

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

Related Vulnerabilities

Reference Links

Vulnerable Software (2)