OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. Authentication is needed in order to exploit the issues.
ocsinventory-ng ocsinventory ng 2.4.1