Glpi-project Positions — known CVE vulnerabilities
Every CVE whose affected-product data names Glpi-project Positions, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2022-34128 — CVSS 9.8 (critical): The Cartography (aka positions) plugin before 6.0.1 for GLPI allows remote code execution via PHP code in the POST data to front/upload.php.