{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T02:57:33.739","vulnerabilities":[{"cve":{"id":"CVE-2022-29250","sourceIdentifier":"security-advisories@github.com","published":"2022-06-09T20:15:08.267","lastModified":"2024-11-21T06:58:48.420","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions prior to version 10.0.1 it is possible to add extra information by SQL injection on search pages. In order to exploit this vulnerability a user must be logged in."},{"lang":"es","value":"GLPI es un paquete de software gratuito de administración de activos y TI que ofrece funciones de Service Desk de ITIL, seguimiento de licencias y auditoría de software. En versiones anteriores a 10.0.1, es posible añadir información extra mediante inyección SQL en las páginas de búsqueda. Para explotar esta vulnerabilidad un usuario debe estar conectado"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:glpi-project:glpi:10.0.0:-:*:*:*:*:*:*","matchCriteriaId":"B6C1760F-4B01-4775-8481-D93BA28888BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:glpi-project:glpi:10.0.0:beta:*:*:*:*:*:*","matchCriteriaId":"D0378AD5-BFA0-40CD-BFB5-9D9E0790E9B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:glpi-project:glpi:10.0.0:rc1:*:*:*:*:*:*","matchCriteriaId":"E82A2E80-7C91-4147-A951-CA25E3AA1F01"},{"vulnerable":true,"criteria":"cpe:2.3:a:glpi-project:glpi:10.0.0:rc2:*:*:*:*:*:*","matchCriteriaId":"16485B8E-5550-433C-A352-BABBC22DF375"},{"vulnerable":true,"criteria":"cpe:2.3:a:glpi-project:glpi:10.0.0:rc3:*:*:*:*:*:*","matchCriteriaId":"076C11C8-A848-43FB-8C01-E68D85015C58"}]}]}],"references":[{"url":"https://github.com/glpi-project/glpi/security/advisories/GHSA-5w33-4wrx-8hvw","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/glpi-project/glpi/security/advisories/GHSA-5w33-4wrx-8hvw","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}