Absolute path traversal vulnerability in cvs.php in OCS Inventory NG prior to 1.02.1 on Unix allows remote malicious users to read arbitrary files via a full pathname in the log parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ocsinventory-ng ocs inventory ng |
||
ocsinventory-ng ocs inventory ng 1.0 |
||
ocsinventory-ng ocs inventory ng 1.01 |
||
ocsinventory-ng ocs inventory ng 1.02 |