CVE-2013-5696

Related Files

GLPI 0.84.1 Access Control / Code Injection

Posted Oct 2, 2013

Authored by High-Tech Bridge SA | Site htbridge.com

GLPI version 0.84.1 suffers from improper access control bypass and PHP code injection vulnerabilities.

tags | exploit, php, vulnerability

advisories | CVE-2013-5696

SHA-256 | eff44306fe558c9ddee7deaada237abd8335437f7528971070868f8ecce632f6

Download | Favorite | View

Mandriva Linux Security Advisory 2013-240

Posted Sep 25, 2013

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-240 - Multiple security vulnerabilities exist due to improper sanitation of user input in GLPI versions prior to 0.83.9, 0.83.91, and 0.84.2. This update provides GLPI version 0.83.91, with a patch from GLPI 0.84.2, to fix these issues.

tags | advisory, vulnerability

systems | linux, mandriva

advisories | CVE-2013-2225, CVE-2013-2226, CVE-2013-5696

SHA-256 | 4d3c00a2edfe641cebcea5516c934560c44649ada453ccf113b27403bf71b449

Download | Favorite | View

GLPI install.php Remote Command Execution

Posted Sep 20, 2013

Authored by Tristan Leiter | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in the GLPI 'install.php' script. Users should use this exploit at his own risk, since it's going to overwrite database configuration.

tags | exploit, arbitrary, php

advisories | CVE-2013-5696

SHA-256 | 79ddcfadea6c138a29a453a0dc3ff975e1ac590cc8150a6246c57abfb76852b1

Download | Favorite | View