Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ocsinventory-ng ocs inventory ng vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4024
Cross-site scripting (XSS) vulnerability in ocsinventory in OCS Inventory NG 2.0.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ocsinventory-ng Ocs Inventory Ng 1.0
Ocsinventory-ng Ocs Inventory Ng 1.02
Ocsinventory-ng Ocs Inventory Ng 1.02.1
Ocsinventory-ng Ocs Inventory Ng 1.01
Ocsinventory-ng Ocs Inventory Ng
1 EDB exploit
NA
CVE-2010-1733
Multiple SQL injection vulnerabilities in OCS Inventory NG prior to 1.02.3 allow remote malicious users to execute arbitrary SQL commands via (1) multiple inventory fields to the search form, reachable through index.php; or (2) the "Software name" field to the "All...
Ocsinventory-ng Ocs Inventory Ng 1.02
Ocsinventory-ng Ocs Inventory Ng 1.0
Ocsinventory-ng Ocs Inventory Ng 1.01
Ocsinventory-ng Ocs Inventory Ng
NA
CVE-2009-1443
Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG prior to 1.02 have unknown impact and attack vectors.
Ocsinventory-ng Ocs Inventory Ng 1.0
Ocsinventory-ng Ocs Inventory Ng
1 EDB exploit
NA
CVE-2010-1594
Multiple cross-site scripting (XSS) vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote malicious users to inject arbitrary web script or HTML via (1) the query string, (2) the BASE parameter, or (3) the ega_1 parameter. NOTE: some of these details are...
Ocsinventory-ng Ocs Inventory Ng 1.02.1
NA
CVE-2010-1595
Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote malicious users to execute arbitrary SQL commands via the (1) c, (2) val_1, or (3) onglet_bis parameter.
Ocsinventory-ng Ocs Inventory Ng 1.02.1
NA
CVE-2009-3040
Multiple SQL injection vulnerabilities in Open Computer and Software (OCS) Inventory NG 1.02 for Unix allow remote malicious users to execute arbitrary SQL commands via the (1) N, (2) DL, (3) O and (4) V parameters to download.php and the (5) SYSTEMID parameter to group_show.php.
Ocsinventory-ng Ocs Inventory Ng 1.02
1 EDB exploit
NA
CVE-2009-3042
SQL injection vulnerability in machine.php in Open Computer and Software (OCS) Inventory NG 1.02.1 allows remote malicious users to execute arbitrary SQL commands via the systemid parameter, a different vector than CVE-2009-3040.
Ocsinventory-ng Ocs Inventory Ng 1.02.1
1 EDB exploit
NA
CVE-2009-1769
The web interface in Open Computer and Software Inventory Next Generation (OCS Inventory NG) 1.01 generates different error messages depending on whether a username is valid, which allows remote malicious users to enumerate valid usernames.
Ocsinventory-ng Ocs Inventory Ng 1.01
NA
CVE-2009-0667
Untrusted search path vulnerability in Agent/Backend.pm in Ocsinventory-Agent prior to 0.0.9.3, and 1.x prior to 1.0.1, in OCS Inventory allows local users to gain privileges via a Trojan horse Perl module in an arbitrary directory.
Ocsinventory-ng Ocs Inventory Ng 1.0
Ocsinventory-ng Ocsinventory-agent 0.05
Ocsinventory-ng Ocsinventory-agent 0.08
Ocsinventory-ng Ocsinventory-agent
Ocsinventory-ng Ocsinventory-agent 0.09
8.8
CVSSv3
CVE-2018-14857
Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server up to and including 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file ex...
Ocsinventory-ng Ocs Inventory Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »