New version GLPI 10.0.10

A new GLPI version is available.

This release fixes a critical security issue that have been recently discovered. Update is strongly recommended!

You can download the GLPI 10.0.10 archive on GitHub.

You will find below the list of security issues fixed in this bugfixes version:

  • Unallowed PHP script execution (CVE-2023-42802).
  • Account takeover via SQL Injection in UI layout preferences (CVE-2023-41320).
  • Account takeover via Kanban feature (CVE-2023-41326).
  • Account takeover through API (CVE-2023-41324).
  • File deletion through document upload process (CVE-2023-42462).
  • Sensitive fields enumeration through API (CVE-2023-41321).
  • Privilege Escalation from technician to super-admin (CVE-2023-41322).
  • Users login enumeration by unauthenticated user (CVE-2023-41323).
  • Phishing through a login page malicious URL (CVE-2023-41888).
  • SQL injection in ITIL actors (CVE-2023-42461).

Also, here is a short list of main changes done in this version:

  • PHP 8.3 and MySQL 8.1 support.
  • Enable usage of images in rich text of followups/tasks/solution templates.
  • Improve ticket timeline rendering performances.
  • Fix issues with usage of LDAP bind options.
  • Fix some issues on SLA/OLA escalation levels computation.
  • Fix some issues on search on numeric and dates fields.

The full changelog is available for more details.

Download GLPI 10.0.10

We would like to thank all people who contributed to this new version and all those who contributes regularly to the GLPI project!


Success story: Ddosoft


Meet Ali Burak, the co-founder of DDOSOFT, a dynamic software development company. Ali’s journey with GLPI began a couple of years ago when his team was facing the challenge of expensive agents in their ticket management software, Jira. Seeking an open source solution, Ali discovered GLPI while browsing the internet:

ddosoft success story

Ali’s Journey with GLPI: Streamlining Business with Open Source

It was a couple of years ago. I was working with the Jira software and the agents were getting expensive, so we were looking for an open source solution. I came across GLPI on the internet. I think the first version I tried was 9.3.”

At DDOSOFT, they opted to use GLPI on-premise, managing it through their own virtual data center where they’ve set up Linux and Windows servers. For their business, Asset Management and Assistance features proved to be crucial:

“When I was looking for a ticket management software, I saw GLPI that apart from being a ticket management software could also take care of the assets and assistance. So I said “let’s give it a try”. And, I have installed it and am still using it. We have seen the effects both in Asset management and Assistance. We are now aware of how many devices we actually have in real numbers, and can monitor if something is installed on the computer or if any assets appear. And for Assistance, we have lots of phone calls and now we have control over them. We have a history of what we have done and a knowledge base that we have created to use it if we came across similar issues”.

Ali explains that initially, they were seeking a ticket management software, but GLPI’s versatility caught their attention. Not only could it handle tickets efficiently, but it also provided a robust system for asset management and assistance. Intrigued, they decided to give it a try, and the decision paid off. With GLPI, they gained better visibility into their actual device count and could easily track software installations or changes in assets.


Assistance also saw a major boost. DDOSOFT now had a structured approach to handling phone calls and queries. With a well-organized history of actions and a growing knowledge base, they efficiently tackled similar issues that cropped up over time.


One of their favorite GLPI plugins is the inventory plugin, particularly useful due to their extensive inventory of devices like tablets, computers, and networking equipment. The plugin helps them maintain a clear picture of software installations and device counts across their infrastructure.


When asked about the best GLPI feature, Ali highlights Assistance and Helpdesk, citing their ticket and document management capabilities as game-changers. He appreciates the user-friendly interface of the software’s newer version, emphasizing its enhanced responsiveness and ease of use.


For Ali, the open source nature of GLPI and the strong community support it enjoys are crucial factors. In an industry where pricing matters, having a trustworthy open source community backing the software is invaluable. Ali and his team were able to leverage their technical expertise to install and use GLPI on-premise with confidence:

“Yes, because for companies price is a very important thing. But the most important thing is the open source community. We can trust it. Actually, in commercial versions of some softwares I cannot trust. We had the technical knowledge so we could easily install it and use it on premise”.

Summing up his experience with GLPI, Ali underscores its substantial impact on their business organization. From version nine to the present, GLPI’s Assistant and Asset Management modules have played a pivotal role in helping them maintain order and stay on top of their assets. In Ali’s own words, GLPI has significantly contributed to the improvement of their business operations.

                      How can you try GLPI?

If you have not tried GLPI yet, you can start a free 45 day trial on GLPI Network Cloud (no credit card needed!): 

If you want to download GLPI on-premise and need assistance, our partners-integrators can support you (you will need to have a valid GLPI Network Subscription). 

Do you use GLPI and want to share your experience?

We are proud to state that our solution is used by millions of people worldwide. If you are one of them and you want to contribute the promotion, we invite you to leave your contact details.

We will be delighted to hear your story!

New partner Silver in Spain : Abast

We are happy to announce our new Silver partner in Spain – Abast.

ABAST is an IT solutions integrator with nearly 40 years of experience in the industry, boasting a team of 425 professionals across its offices in Barcelona, Madrid, and Palma. Its range of services and solutions addresses the technological needs of organizations through various areas of specialization:

  • Business Solutions,
  • Platform Services,
  • Data Services,
  • Governance & Security Services.

Within its Governance & Security Services branch, ABAST has a specialized business unit focused on IT Management and Governance that implements solutions to assist IT departments in service management (ITSM), operation automation, and comprehensive observability and monitoring of IT infrastructures and services.

For over 20 years, ABAST has been designing, implementing, and evolving market-leading solutions for IT service management. Leveraging this experience and our high level of expertise, we can assist IT departments in implementing and deploying the most suitable solution for their service management needs.


We are excited that GLPI ITSM solution is becoming more and more represented all over the world and GLPI Network (our support offer for on-premises – get your IT Infrastructure secured) subscription service will be available for more customers through our new partners.

Our large partnership network is always open for new collaborations. If you are interested in representing one of our products in your country, get in touch with us:

Being a partner means:

  • Having an a direct access to the Teclib´s tech expertise;
  • Get special discounts;
  • Access official support,
  • Many other tools which will help you to gain more customers and increase reputation on the market by adding open source ITSM to your portfolio.

Discover all benefits of being a partner here:

Success story: City of Košice (OMNICOM partner).

City of Košice: digital transformation.

City of Košice embarked on an ambitious IT infrastructure transformation program, including the Service Desk project, to centralize and standardize IT operations based on ITIL best practices. This project aimed to integrate multiple IT technician teams and 1500 IT users, consolidating all IT services and requests into a single system. By implementing the GLPI platform and ten ITSM processes, the city aimed to enhance service delivery and provide improved IT services to its employees and affiliated organizations.



OMNICOM is an official Gold partner of Teclib (GLPI) in Slovakia. Founded in 1995 (more than 15 years in ITSM / ESM business) OMNICOM provides implementation and support services for several service management tools.

They are not just a tool integrator but also an implementer with a focus on delivering high added value through changes in value streams, tools, and people. OMNICOM‘s services are designed to support multi-entity environments, and they have successfully deployed GLPI to over 200 technicians and more than 3000 assets, including GLPI agents.

Their extensive portfolio of successful projects includes the recent completion of the Service Desk project for the city of Košice, which we will discuss more in detail below.

City of Košice project background.

The city of Košice had an ambitious IT infrastructure transformation program in place, which included several IT projects, one of which was the Service Desk project. The main objective of the Service Desk project was to set up IT and IT operations according to ITIL best practices, centralize IT, and standardize IT operations. 

1. The challenge:

The project presented several challenges related to the large scope of the project. One of the most significant challenges was the need to include all existing IT technician teams from 12 city organizations. Additionally, all IT users of the city of Košice, totalling 1500 users, needed to be integrated as well. The objective was to have all IT requirements in one place, which meant consolidating all IT services and requests into a single system, making it easier for users to request services and for technicians to manage them.

The expected outcome was to establish a realistic set of expectations for IT services through the creation of a service catalogue. This catalogue would provide users with a clear understanding of the IT services available to them and the level of service they could expect to receive. Second, the aim was to improve the overall quality of IT services provided to users by implementing ITIL best practices.

2. The goal:

The goal was to design and implement a new system for the management of IT services for the City of Kosice and its included organizations. This involved creating a functional design for individual ITSM processes that would support the management of IT services for the city, in line with ITILv4 best practices. The project team also processed a detailed functional specification for the implementation of the Service Desk using the GLPI platform, an open-source software.

3. Why GLPI?

OMNICOM: “GLPI is a tool that covers and complies with requested scope of ITIL processes. On the other hand, GLPI allows setting up a multi-level structure of organisations (so-called entities) and assigning technician groups to separate organisations, which in this case and for the needs of IT and IT operation appeared to be an ideal solution. Also, thanks to the open-source licensing model, the city IT can also scaleup the usage of GLPI without negative impact to the planned IT budget”.

4. Project implementation:

Once the functional design and specification were complete, the team implemented the necessary functionalities and processes in both the test and production environments. 

The project implementation involved the introduction of ten ITSM processes (including Incident Management, Service Request Fulfilment, Change Management, Problem Management, Service Asset Management, Configuration Management, Knowledge Management, Supplier Management, Service Catalogue Management, and Service Level Management). For each of these processes, OMNICOM designed workflows and configured GLPI to support them.

OMNICOM: “The scope of the project was challenging. We knew that the big bang approach will be doomed to failure. Therefore, we suggested splitting the implementation process into individual sub-fulfilments, up to three iterations, on the basis of which the design and functionality of ServiceDesk modules were specified. These functionalities were step by step implemented and tested by working groups and defined users.

This resulted in a better adaptation of the new tool and its functionalities for the IT users themselves. It was very important to design the processes in such a way that they reflect the customers’ needs and are also not too complex for their application in practice”.

A project manager from OMNICOM was assigned to control the project from start to finish, ensuring that it was delivered within the contracted timeline of up to 9 months. However, due to effective management and efficient work processes, the project was delivered within just 7 months, which was ahead of schedule. 

To ensure the project was delivered smoothly and with minimal disruption to ongoing operations, it was divided into three distinct phases, each with specific deliverables.

5. Results:

The project aimed to create and implement a Service Desk tool for managing IT services for the City of Košice and its associated organisations. Additionally, it involved the implementation of 10 ITSM processes to improve service delivery. The main outcome of the project is the enhanced ability of IT teams to provide improved IT services to all employees within the city and its affiliated organisations.

OMNICOM: “The project was about to design and implement a Service Desk tool for managing the IT services for the City of Košice and other 12 organisations belonging under the City of Košice. It was also tightly connected with the introduction of 10 ITSM processes.

The main result is increased ability of IT teams to provide better IT services for all employees of the city and related organisations. GLPI also allows them to automate some activities and enable professional management of IT services in accordance with ITIL best practice.

Self-service portal as a single point of contact between end users and IT support was introduced. We immediately see benefits like faster resolved user queries such incidents and requests. Change management helps to protect stability of IT operation and minimise negative impact of changes. IT is now able to measure user satisfaction and gather feedback in order to improve the quality of IT services”.

6. Regarding the collaboration with the City of Kosice

The collaboration between OMNICOM and the City of Košice has been characterised by a high level of professionalism. Despite the project’s broad scope, OMNICOM was able to complete it successfully in less time than expected. We greatly value the open communication and mutual understanding between both parties, recognizing that this project is a shared effort where collaboration is essential for achieving our goals.

OMNICOM: “Cooperation with the City of Košice was and is at a highly professional level, and despite the wide scope of the project, we managed it to successfully finish in a shorter time than it was defined. We really appreciate open communication and great understanding that this is a common project, where both sides need to collaborate in order to achieve the goals”.

Mesto Košice about GLPI:

The ITSM tool procurement selected the GLPI application by Teclib. It is an open-source solution. We required a robust system with support from a local Teclib partner that would ensure that one team could provide assistance from one location. The contested tool meets all our expectations and is open to further adaptations and changes.“

Mesto Košice about Omnicom:

The supplier of the GLPI application – Omnicom – was active from the time the tender was announced, it was clear that he cares about this contract. He approached the client professionally, he was interested in clarifying all the details of the assignment. Even during the design of the solution and its implementation, we perceived the positive and professional approach of the project team. We are currently in the phase of post-implementation support and continue to work together to improve the tool. We are extremely satisfied with the supplier.“

                      How can you try GLPI?

If you have not tried GLPI yet, you can start a free 45 day trial on GLPI Network Cloud (no credit card needed!): 

If you want to download GLPI on-premise and need assistance, our partners-integrators can support you (you will need to have a valid GLPI Network Subscription). 

Do you use GLPI and want to share your experience?

We are proud to state that our solution is used by millions of people worldwide. If you are one of them and you want to contribute the promotion, we invite you to leave your contact details.

We will be delighted to hear your story!

New version GLPI 10.0.8 is available

A new GLPI version is available.

This release fixes several security issues that have been recently discovered. Update is recommended!

You can download the GLPI 10.0.8 archive on GitHub.

You will find below the list of security issues fixed in this bugfixes version:

  • SQL injection via inventory agent request (CVE-2023-35924).
  • SQL injection through Computer Virtual Machine information (CVE-2023-36808).
  • Unauthorized access to Dashboard data (CVE-2023-35939).
  • Unauthenticated access to Dashboard data (CVE-2023-35940).
  • Reflected XSS in search pages (CVE-2023-34244).
  • Unauthorized access to knowledge base items (CVE-2023-34107).
  • Unauthorized access to user data (CVE-2023-34106).

Also, here is a short list of main changes done in this version:

  • Improve mail grouping (#14296)
  • Add deleted status in item’s header (#14382)
  • Add option to control the display of dropdowns labels (#14472)
  • Permits to check DB schema from GLPI versions >= 0.80 (#14666)
  • Improve performance of plugins init (#14511)
  • Improve performance of kanban views (#14525, #14599, #14764)
  • Ldap issues with PHP versions >= 8.1 (#14561)
  • SLA waiting time duration (#14937)
  • Notification encoding for MS Outlook (#14959)
  • A lot of fixes in native inventory

The full changelog is available for more details.

We would like to thank all people who contributed to this new version and all those who contributes regularly to the GLPI project!