Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

RedhatCVE
RedhatCVEadded 2026/04/07 11:1 p.m.1 views

CVE-2026-22675

OCS Inventory NG Server version 2.12.3 and prior contain a stored cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript by submitting malicious User-Agent HTTP headers to the /ocsinventory endpoint. Attackers can register rogue agents or craft...

6.1CVSS6AI score0.00062EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/06 9:19 p.m.2 views

CVE-2026-22675

OCS Inventory NG Server version 2.12.3 and prior contain a stored cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript by submitting malicious User-Agent HTTP headers to the /ocsinventory endpoint. Attackers can register rogue agents or craft...

6.1CVSS6AI score0.00062EPSS
Exploits0References4
CVE
CVEadded 2026/04/06 9:19 p.m.9 views

CVE-2026-22675

OCS Inventory NG Server (versions up to 2.12.3) is affected by a stored XSS in the User-Agent header submitted to the /ocsinventory endpoint. The issue stems from improper sanitization/encoding when rendering user-supplied User-Agent values in the statistics dashboard, enabling arbitrary JavaScri...

6.1CVSS6.2AI score0.00062EPSS
Exploits0References3Affected Software1
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-6739

Malware in sbrugna...

8.8CVSS8.7AI score0.04838EPSS
Exploits2References5
RedhatCVE
RedhatCVEadded 2025/05/21 8:15 p.m.8 views

CVE-2009-1443

Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG before 1.02 have unknown impact and attack vectors...

10CVSS7.2AI score0.03319EPSS
Exploits0References1
OSV
OSVadded 2018/08/06 9:29 p.m.20 views

CVE-2018-14857

Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...

8.8CVSS7.5AI score
Exploits0References3
Prion
Prionadded 2018/08/06 9:29 p.m.11 views

Unrestricted file upload

Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...

6.5CVSS8.8AI score0.04838EPSS
Exploits2References3Affected Software1
Cvelist
Cvelistadded 2018/08/06 9:0 p.m.15 views

CVE-2018-14857

Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...

8.9AI score0.04838EPSS
Exploits2References3
CVE
CVEadded 2018/08/06 9:0 p.m.48 views

CVE-2018-14857

OCS Inventory NG Webconsole (OCS Inventory Server) up to version 2.5 is affected by an Unrestricted file upload vulnerability in require/mail/NotificationMail.php due to allowing file extensions other than .html, enabling a privileged user to upload a PHP template and gain server access. Exploita...

8.8CVSS8.8AI score0.04838EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder