6 matches found
OCS Inventory NG Webconsole Shell Upload Vulnerability
OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted. Title Unrestricted File Upload RCE in OCS Inventory NG Webconsole before 2.5 Reserved CVE...
CVE-2018-14857
Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...
CVE-2018-14857
Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...
CVE-2018-14857
Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...
CVE-2018-14857
OCS Inventory NG Webconsole (OCS Inventory Server) up to version 2.5 is affected by an Unrestricted file upload vulnerability in require/mail/NotificationMail.php due to allowing file extensions other than .html, enabling a privileged user to upload a PHP template and gain server access. Exploita...
OCS Inventory NG Webconsole Shell Upload
Title Unrestricted File Upload RCE in OCS Inventory NG Webconsole before 2.5 Reserved CVE CVE-2018-14857 Vulnerability Overview OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions...