HTTP: GLPI install.php Script Arbitrary Command and SQL Injection
This signature detects attempts to exploit a known vulnerability against GLPI web application. It is due to insufficient validation of user-supplied input. Attackers can execute arbitrary commands or submit malicious SQL statements to the underlying database.
Extended Description
inc/central.class.php in GLPI before 0.84.2 does not attempt to make install/install.php unavailable after an installation is completed, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and (1) perform a SQL injection via an Etape_4 action or (2) execute arbitrary PHP code via an update_1 action.
Affected Products
Glpi-project glpi
Short Name
HTTP:GLPI-INSTALLPHP-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Arbitrary CVE-2013-5696 Command GLPI Injection SQL Script and install.php
Release Date
11/25/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Glpi-project
CVSS Score
6.8