Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2014-9258

SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.

See the

CVE page on Mitre.org for more details.

References

EXPLOIT-DB: 35528
MISC: http://security.szurek...
OSVDB: 115957
SECUNIA: 61367
CONFIRM: http://advisories.mage...
MANDRIVA: MDVSA-2015:167
FEDORA: FEDORA-2014-17497
FEDORA: FEDORA-2014-17508
FEDORA: FEDORA-2014-17520
CONFIRM: http://www.glpi-projec...

Launchpad.net

CVE 2014-9258

Related bugs

References