Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ocsinventory-ng ocs inventory server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1443
Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG prior to 1.02 have unknown impact and attack vectors.
Ocsinventory-ng Ocs Inventory Ng 1.0
Ocsinventory-ng Ocs Inventory Ng
1 EDB exploit
8.8
CVSSv3
CVE-2018-14857
Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server up to and including 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file ex...
Ocsinventory-ng Ocs Inventory Server
8.8
CVSSv3
CVE-2018-15537
Unrestricted file upload (with remote code execution) in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests.
Ocsinventory-ng Ocsinventory Ng -
8.8
CVSSv3
CVE-2018-12482
OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. Authentication is needed in order to exploit the issues.
Ocsinventory-ng Ocsinventory Ng 2.4.1
9.1
CVSSv3
CVE-2018-14473
OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing the use of external entities. This issue can be exploited by an attacker sending a crafted HTTP request in order to exfiltrate information or cause a Denial of Service.
Ocsinventory-ng Ocsinventory Ng 2.4.1
8.8
CVSSv3
CVE-2018-12483
OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscover_analyser rzo GET parameter is concatenated to a string used in an exec() call in the PHP code. Authentication is needed in order to expl...
Ocsinventory-ng Ocsinventory Ng 2.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started