Absolute path traversal vulnerability in cvs.php in OCS Inventory NG prior to 1.02.1 on Unix allows remote malicious users to read arbitrary files via a full pathname in the log parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ocsinventory-ng ocs_inventory_ng 1.01 |
||
ocsinventory-ng ocs_inventory_ng 1.02 |
||
ocsinventory-ng ocs_inventory_ng 1.0 |
||
ocsinventory-ng ocs_inventory_ng |