Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ocsinventory-ng ocs inventory ng vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2011-4024
Cross-site scripting (XSS) vulnerability in ocsinventory in OCS Inventory NG 2.0.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ocsinventory-ng Ocs Inventory Ng 1.0
Ocsinventory-ng Ocs Inventory Ng 1.02
Ocsinventory-ng Ocs Inventory Ng 1.01
Ocsinventory-ng Ocs Inventory Ng
Ocsinventory-ng Ocs Inventory Ng 1.02.1
1 EDB exploit
505
VMScore
CVE-2009-2166
Absolute path traversal vulnerability in cvs.php in OCS Inventory NG prior to 1.02.1 on Unix allows remote malicious users to read arbitrary files via a full pathname in the log parameter.
Ocsinventory-ng Ocs Inventory Ng
Ocsinventory-ng Ocs Inventory Ng 1.0
Ocsinventory-ng Ocs Inventory Ng 1.01
Ocsinventory-ng Ocs Inventory Ng 1.02
1 EDB exploit
605
VMScore
CVE-2010-1733
Multiple SQL injection vulnerabilities in OCS Inventory NG prior to 1.02.3 allow remote malicious users to execute arbitrary SQL commands via (1) multiple inventory fields to the search form, reachable through index.php; or (2) the "Software name" field to the "All...
Ocsinventory-ng Ocs Inventory Ng 1.02
Ocsinventory-ng Ocs Inventory Ng 1.0
Ocsinventory-ng Ocs Inventory Ng 1.01
Ocsinventory-ng Ocs Inventory Ng
1000
VMScore
CVE-2009-1443
Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG prior to 1.02 have unknown impact and attack vectors.
Ocsinventory-ng Ocs Inventory Ng 1.0
Ocsinventory-ng Ocs Inventory Ng
1 EDB exploit
383
VMScore
CVE-2010-1594
Multiple cross-site scripting (XSS) vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote malicious users to inject arbitrary web script or HTML via (1) the query string, (2) the BASE parameter, or (3) the ega_1 parameter. NOTE: some of these details are...
Ocsinventory-ng Ocs Inventory Ng 1.02.1
445
VMScore
CVE-2009-1769
The web interface in Open Computer and Software Inventory Next Generation (OCS Inventory NG) 1.01 generates different error messages depending on whether a username is valid, which allows remote malicious users to enumerate valid usernames.
Ocsinventory-ng Ocs Inventory Ng 1.01
755
VMScore
CVE-2009-3040
Multiple SQL injection vulnerabilities in Open Computer and Software (OCS) Inventory NG 1.02 for Unix allow remote malicious users to execute arbitrary SQL commands via the (1) N, (2) DL, (3) O and (4) V parameters to download.php and the (5) SYSTEMID parameter to group_show.php.
Ocsinventory-ng Ocs Inventory Ng 1.02
1 EDB exploit
755
VMScore
CVE-2009-3042
SQL injection vulnerability in machine.php in Open Computer and Software (OCS) Inventory NG 1.02.1 allows remote malicious users to execute arbitrary SQL commands via the systemid parameter, a different vector than CVE-2009-3040.
Ocsinventory-ng Ocs Inventory Ng 1.02.1
1 EDB exploit
668
VMScore
CVE-2010-1595
Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote malicious users to execute arbitrary SQL commands via the (1) c, (2) val_1, or (3) onglet_bis parameter.
Ocsinventory-ng Ocs Inventory Ng 1.02.1
641
VMScore
CVE-2009-0667
Untrusted search path vulnerability in Agent/Backend.pm in Ocsinventory-Agent prior to 0.0.9.3, and 1.x prior to 1.0.1, in OCS Inventory allows local users to gain privileges via a Trojan horse Perl module in an arbitrary directory.
Ocsinventory-ng Ocs Inventory Ng 1.0
Ocsinventory-ng Ocsinventory-agent 0.05
Ocsinventory-ng Ocsinventory-agent 0.08
Ocsinventory-ng Ocsinventory-agent
Ocsinventory-ng Ocsinventory-agent 0.09
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »