CVE-2023-29006

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-29006
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29006.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-29006
Aliases
  • GHSA-xfx2-qx2r-3wwm
Published
2023-04-05T17:53:03.041Z
Modified
2025-12-04T23:46:57.535136Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Order GLPI plugin vulnerable to remote code execution from authenticated user
Details

The Order GLPI plugin allows users to manage orders within GLPI. Starting with version 1.8.0 and prior to versions 2.7.7 and 2.10.1, an authenticated user that has access to the standard interface can craft a URL that can be used to execute a system command. Versions 2.7.7 and 2.10.1 contain a patch for this issue. As a workaround, delete the ajax/dropdownContact.php file from the plugin.

Database specific
{
    "cwe_ids": [
        "CWE-502"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/29xxx/CVE-2023-29006.json"
}
References

Affected packages

Git / github.com/pluginsglpi/order

Affected ranges

Type
GIT
Repo
https://github.com/pluginsglpi/order
Events
Database specific
{
    "versions": [
        {
            "introduced": "1.8.0"
        },
        {
            "fixed": "2.7.7"
        }
    ]
}
Type
GIT
Repo
https://github.com/pluginsglpi/order
Events
Database specific
{
    "versions": [
        {
            "introduced": "2.10.0"
        },
        {
            "fixed": "2.10.1"
        }
    ]
}

Affected versions

2.*

2.10.0