writeups.xyz / Advisory | GLPI Service Management Software Multiple Vulnerabilities and Remote Code Execution

Submitter : c2a

Date: 8 July 2022

Bounty : undisclosed

Vulnerabilities :

• SQL Injection
• RCE
• LFI

Programs :

• GLPI

Authors :

• Nuri Çilengir (@Ncilengir)

Link :
https://pentest.blog/advisory-glpi-service-management-software-sql-injection-remote-code-execution-and-local-file-inclusion/