Common Vulnerabilities and Exposures assigned an identifier CVE-2014-9258 to the following vulnerability: Name: CVE-2014-9258 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9258 Assigned: 20141204 Reference: http://secunia.com/advisories/61367 SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.
Created glpi tracking bugs for this issue: Affects: fedora-all [bug 1176167] Affects: epel-all [bug 1176168]
glpi-0.84.8-3.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
glpi-0.84.8-3.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
glpi-0.83.9.1-5.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
glpi-0.83.9.1-6.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
glpi-0.83.9.1-5.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
glpi-0.84.8-3.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.