CVE-2025-32786 | glpi-project glpi-inventory-plugin up to 1.5.0 sql injection

Inserito da Angelo Barbosa | Nov 4, 2025 | CVE

A vulnerability was found in glpi-project glpi-inventory-plugin up to 1.5.0. It has been rated as critical. The affected element is an unknown function. The manipulation leads to sql injection.

This vulnerability is referenced as CVE-2025-32786. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is advised.

CVE-2025-32786 | glpi-project glpi-inventory-plugin up to 1.5.0 sql injection

Post correlati

CVE-2024-33937 | Nico Martin Progressive Plugin up to 2.1.13 on WordPress authorization

CVE-2024-20504 | Cisco Secure Email Web-based Management Interface cross site scripting (cisco-sa-esa-wsa-sma-xss-zYm3f49n)

CVE-2024-7891 | Floating Contact Button Plugin up to 2.7 on WordPress Setting cross site scripting

CVE-2024-9914 | D-Link DIR-619L B1 2.06 formSetWizardSelectMode curTime buffer overflow