Teclib-Edition: >> Gestionnaire Libre De Parc Informatique Security Vulnerabilities
Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerability allowing bypass of authentication. This occurs in Auth::checkPassword() (inc/auth.class.php).
CVSS Score
9.8
EPSS Score
0.003
Published
2019-03-27
Teclib GLPI through 9.3.3 has SQL injection via the "cycle" parameter in /scripts/unlock_tasks.php.
CVSS Score
9.8
EPSS Score
0.859
Published
2019-03-27