GLPI ITSM Tool Flaw Allows Attackers to Inject Malicious SQL Queries
Posted: Sun Mar 30, 2025 6:22 am
A critical SQL injection vulnerability, tracked as CVE-2025-24799, has been identified in GLPI, a widely used open-source IT Service Management (ITSM) tool.
The flaw, if exploited, enables remote, unauthenticated attackers to manipulate database queries, potentially leading to severe consequences such as data theft, tampering, or even remote code execution.
https://gbhackers.com/glpi-itsm-tool-flaw/
The flaw, if exploited, enables remote, unauthenticated attackers to manipulate database queries, potentially leading to severe consequences such as data theft, tampering, or even remote code execution.
https://gbhackers.com/glpi-itsm-tool-flaw/