GLPI is prone to a local file include vulnerability because it fails to adequately validate user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts. This could allow the attacker to compromise the application and the computer other attacks are also possible. GLPI 0.83.7 is vulnerable. Other versions may also be vulnerable.

• http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5145.php

---

Updated on 2015-03-25