Tips-Of-Mine/GLPI-Plugin-CVE-Prototype
2
0
Fork 0
mirror of https://github.com/tips-of-mine/GLPI-Plugin-CVE-Prototype.git synced 2025-06-28 07:08:44 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Start repository

Browse Source
This commit is contained in:
tips-of-mine
2025-05-31 10:03:48 +02:00
commit 194322c9fc
57 changed files with 14723 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
front/alert.form.php Normal file
View File

@ -0,0 +1,95 @@
<?php
/**
* GLPI CVE Plugin - Vulnerability Alert Form
*/
include ("../../../inc/includes.php");
Session::checkRight("plugin_cve_alert", READ);
$alert = new PluginCveCveAlert();
if (isset($_POST['create_ticket']) && isset($_POST['id'])) {
$alert->getFromDB($_POST['id']);
// Process alert to create a ticket
PluginCveCveInventory::processAlert($_POST['id']);
Html::back();
} else if (isset($_POST["add"])) {
$alert->check(-1, CREATE, $_POST);
if ($alert->add($_POST)) {
Event::log(
$alert->fields['id'],
"plugin_cve_alert",
4,
"inventory",
sprintf(__('%1$s adds the vulnerability alert %2$s'), $_SESSION["glpiname"], $_POST["name"])
);
}
Html::back();
} else if (isset($_POST["delete"])) {
$alert->check($_POST["id"], DELETE);
if ($alert->delete($_POST)) {
Event::log(
$_POST["id"],
"plugin_cve_alert",
4,
"inventory",
sprintf(__('%1$s deletes the vulnerability alert %2$s'), $_SESSION["glpiname"], $_POST["id"])
);
}
$alert->redirectToList();
} else if (isset($_POST["restore"])) {
$alert->check($_POST["id"], DELETE);
if ($alert->restore($_POST)) {
Event::log(
$_POST["id"],
"plugin_cve_alert",
4,
"inventory",
sprintf(__('%1$s restores the vulnerability alert %2$s'), $_SESSION["glpiname"], $_POST["id"])
);
}
$alert->redirectToList();
} else if (isset($_POST["purge"])) {
$alert->check($_POST["id"], PURGE);
if ($alert->delete($_POST, 1)) {
Event::log(
$_POST["id"],
"plugin_cve_alert",
4,
"inventory",
sprintf(__('%1$s purges the vulnerability alert %2$s'), $_SESSION["glpiname"], $_POST["id"])
);
}
$alert->redirectToList();
} else if (isset($_POST["update"])) {
$alert->check($_POST["id"], UPDATE);
if ($alert->update($_POST)) {
Event::log(
$_POST["id"],
"plugin_cve_alert",
4,
"inventory",
sprintf(__('%1$s updates the vulnerability alert %2$s'), $_SESSION["glpiname"], $_POST["id"])
);
}
Html::back();
} else {
Html::header(
PluginCveCveAlert::getTypeName(Session::getPluralNumber()),
$_SERVER['PHP_SELF'],
"tools",
"PluginCveCveMenu",
"alert"
);
$id = 0;
if (isset($_GET["id"])) {
$id = $_GET["id"];
}
$alert->display(['id' => $id]);
Html::footer();
}

20
front/alert.php Normal file
View File

@ -0,0 +1,20 @@
<?php
/**
* GLPI CVE Plugin - Vulnerability Alerts List
*/
include ("../../../inc/includes.php");
Session::checkRight("plugin_cve_alert", READ);
Html::header(
PluginCveCveAlert::getTypeName(Session::getPluralNumber()),
$_SERVER['PHP_SELF'],
"tools",
"PluginCveCveMenu",
"alert"
);
Search::show('PluginCveCveAlert');
Html::footer();

88
front/cvesource.form.php Normal file
View File

@ -0,0 +1,88 @@
<?php
/**
* GLPI CVE Plugin - CVE Source Form
*/
include ("../../../inc/includes.php");
Session::checkRight("plugin_cve_source", READ);
$source = new PluginCveCveSource();
if (isset($_POST["add"])) {
$source->check(-1, CREATE, $_POST);
if ($source->add($_POST)) {
Event::log(
$source->fields['id'],
"plugin_cve_source",
4,
"setup",
sprintf(__('%1$s adds the CVE source %2$s'), $_SESSION["glpiname"], $_POST["name"])
);
}
Html::back();
} else if (isset($_POST["delete"])) {
$source->check($_POST["id"], DELETE);
if ($source->delete($_POST)) {
Event::log(
$_POST["id"],
"plugin_cve_source",
4,
"setup",
sprintf(__('%1$s deletes the CVE source %2$s'), $_SESSION["glpiname"], $_POST["id"])
);
}
$source->redirectToList();
} else if (isset($_POST["restore"])) {
$source->check($_POST["id"], DELETE);
if ($source->restore($_POST)) {
Event::log(
$_POST["id"],
"plugin_cve_source",
4,
"setup",
sprintf(__('%1$s restores the CVE source %2$s'), $_SESSION["glpiname"], $_POST["id"])
);
}
$source->redirectToList();
} else if (isset($_POST["purge"])) {
$source->check($_POST["id"], PURGE);
if ($source->delete($_POST, 1)) {
Event::log(
$_POST["id"],
"plugin_cve_source",
4,
"setup",
sprintf(__('%1$s purges the CVE source %2$s'), $_SESSION["glpiname"], $_POST["id"])
);
}
$source->redirectToList();
} else if (isset($_POST["update"])) {
$source->check($_POST["id"], UPDATE);
if ($source->update($_POST)) {
Event::log(
$_POST["id"],
"plugin_cve_source",
4,
"setup",
sprintf(__('%1$s updates the CVE source %2$s'), $_SESSION["glpiname"], $_POST["id"])
);
}
Html::back();
} else {
Html::header(
PluginCveCveSource::getTypeName(Session::getPluralNumber()),
$_SERVER['PHP_SELF'],
"tools",
"PluginCveCveMenu",
"cvesource"
);
$id = 0;
if (isset($_GET["id"])) {
$id = $_GET["id"];
}
$source->display(['id' => $id]);
Html::footer();
}

20
front/cvesource.php Normal file
View File

@ -0,0 +1,20 @@
<?php
/**
* GLPI CVE Plugin - CVE Sources List
*/
include ("../../../inc/includes.php");
Session::checkRight("plugin_cve_source", READ);
Html::header(
PluginCveCveSource::getTypeName(Session::getPluralNumber()),
$_SERVER['PHP_SELF'],
"tools",
"PluginCveCveMenu",
"cvesource"
);
Search::show('PluginCveCveSource');
Html::footer();

162
front/inventory.php Normal file
View File

@ -0,0 +1,162 @@
<?php
/**
* GLPI CVE Plugin - Software Inventory Analysis Page
*/
include ("../../../inc/includes.php");
Session::checkRight("plugin_cve_inventory", READ);
Html::header(
PluginCveCveInventory::getTypeName(Session::getPluralNumber()),
$_SERVER['PHP_SELF'],
"tools",
"PluginCveCveMenu",
"inventory"
);
// Manual scan trigger
if (isset($_POST['scan_now']) && Session::haveRight("plugin_cve_inventory", UPDATE)) {
$task = new CronTask();
if ($task->getFromDBbyName('PluginCveCveInventory', 'AnalyzeInventory')) {
$task_id = $task->fields['id'];
// Execute the task
$result = PluginCveCveInventory::cronAnalyzeInventory($task);
if ($result) {
Session::addMessageAfterRedirect(
__('Software vulnerability analysis completed successfully.', 'cve'),
true,
INFO
);
} else {
Session::addMessageAfterRedirect(
__('Software vulnerability analysis completed with no new alerts.', 'cve'),
true,
INFO
);
}
} else {
Session::addMessageAfterRedirect(
__('Software vulnerability analysis task not found.', 'cve'),
true,
ERROR
);
}
Html::redirect($_SERVER['PHP_SELF']);
} else {
$alert = new PluginCveCveAlert();
// Get alert statistics
$stats = PluginCveCveAlert::getAlertStats();
echo "<div class='center'>";
echo "<table class='tab_cadre_fixe'>";
echo "<tr class='tab_bg_2'><th colspan='2'>" . __('Software Vulnerability Analysis', 'cve') . "</th></tr>";
// Show manual scan button
if (Session::haveRight("plugin_cve_inventory", UPDATE)) {
echo "<tr class='tab_bg_1'><td colspan='2' class='center'>";
echo "<form method='post' action='" . $_SERVER['PHP_SELF'] . "'>";
echo "<input type='submit' name='scan_now' value=\"" . __('Scan Software Inventory Now', 'cve') . "\" class='submit'>";
Html::closeForm();
echo "</td></tr>";
}
// Show statistics
echo "<tr class='tab_bg_2'>";
echo "<td>" . __('Total Vulnerability Alerts', 'cve') . "</td>";
echo "<td>" . $stats['total'] . "</td>";
echo "</tr>";
echo "<tr class='tab_bg_2'>";
echo "<td>" . __('New Alerts', 'cve') . "</td>";
echo "<td>" . $stats['by_status']['NEW'] . "</td>";
echo "</tr>";
echo "<tr class='tab_bg_2'>";
echo "<td>" . __('Critical Vulnerabilities', 'cve') . "</td>";
echo "<td>" . $stats['by_severity']['CRITICAL'] . "</td>";
echo "</tr>";
echo "<tr class='tab_bg_2'>";
echo "<td>" . __('High Vulnerabilities', 'cve') . "</td>";
echo "<td>" . $stats['by_severity']['HIGH'] . "</td>";
echo "</tr>";
echo "</table>";
echo "</div>";
// Show recent alerts
$alerts = PluginCveCveAlert::getRecentAlerts(10);
echo "<div class='center'>";
echo "<table class='tab_cadre_fixe'>";
echo "<tr class='tab_bg_2'><th colspan='6'>" . __('Recent Vulnerability Alerts', 'cve') . "</th></tr>";
echo "<tr class='tab_bg_1'>";
echo "<th>" . __('Software', 'cve') . "</th>";
echo "<th>" . __('Version', 'cve') . "</th>";
echo "<th>" . __('CVE ID', 'cve') . "</th>";
echo "<th>" . __('Severity', 'cve') . "</th>";
echo "<th>" . __('Status', 'cve') . "</th>";
echo "<th>" . __('Date', 'cve') . "</th>";
echo "</tr>";
if (empty($alerts)) {
echo "<tr class='tab_bg_1'><td colspan='6' class='center'>" . __('No alerts found', 'cve') . "</td></tr>";
} else {
foreach ($alerts as $alert_data) {
echo "<tr class='tab_bg_1'>";
// Software
echo "<td>";
echo $alert_data['software_name'];
echo "</td>";
// Version
echo "<td>";
echo $alert_data['version_name'];
echo "</td>";
// CVE ID
echo "<td>";
echo "<a href='" . PluginCveCve::getFormURLWithID($alert_data['cves_id']) . "'>";
echo $alert_data['cve_id'];
echo "</a>";
echo "</td>";
// Severity
echo "<td>";
echo "<span class='" . PluginCveCve::getSeverityClass($alert_data['severity']) . "'>";
echo $alert_data['severity'];
echo "</span>";
echo "</td>";
// Status
echo "<td>";
echo $alert_data['status'];
echo "</td>";
// Date
echo "<td>";
echo Html::convDateTime($alert_data['date_creation']);
echo "</td>";
echo "</tr>";
}
}
echo "</table>";
// Link to all alerts
echo "<div class='center'>";
echo "<a href='alert.php'>" . __('View all vulnerability alerts', 'cve') . "</a>";
echo "</div>";
echo "</div>";
}
Html::footer();