Primary

Context

GLPI Inventory Plugin SQL Injection Vulnerability

Vulnerability

Patched

A SQL injection vulnerability has been identified in the GLPI Inventory Plugin, specifically in versions through 1.5.0. This vulnerability allows for unauthenticated SQL injection, posing a high risk to users.

Impact

Exploitation of this vulnerability allows for unauthenticated SQL injection, which could lead to unauthorized data access or manipulation within the application's database.

Remediation

Users are advised to upgrade to GLPI Inventory Plugin version 1.5.1, which addresses the SQL injection vulnerability. The updated version can be downloaded from the GLPI Inventory Plugin GitHub Releases page.

Added: Nov 4, 2025, 9:25 PM

Updated: Nov 4, 2025, 9:25 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

7.8

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

7.8

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GLPI Inventory Plugin SQL Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

GLPI Inventory Plugin

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating