10 matches found
OCS Inventory NG CommandLine.php Command Injection (CVE-2020-14947)
A command injection vulnerability exists in OCS Inventory NG. The vulnerability is due to insufficient input validation in the CommandLine.php...
OCS Inventory NG 2.7 Remote Code Execution
Exploit Title: OCS Inventory NG 2.7 - Remote Code Execution Date: 2020-06-05 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-14947 Vendor Homepage: https://ocsinventory-ng.org/ Version: v2.7 Tested on: Ubuntu 18.04 / PHP 7.2.24 !/usr/bin/python3 import requests import sys import warnings impo...
Exploit for OS Command Injection in Factorfx Open_Computer_Software_Inventory_Next_Generation
CVE-2020-14947 The offici...
OCS Inventory NG 2.7 - Remote Code Execution Exploit
Exploit for multiple platform in category web applications Exploit Title: OCS Inventory NG 2.7 - Remote Code Execution Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-14947 Vendor Homepage: https://ocsinventory-ng.org/ Version: v2.7 Tested on: Ubuntu 18.04 / PHP 7.2.24 !/usr/bin/python3 impor...
OCS Inventory NG 2.7 - Remote Code Execution
Exploit Title: OCS Inventory NG 2.7 - Remote Code Execution Date: 2020-06-05 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-14947 Vendor Homepage: https://ocsinventory-ng.org/ Version: v2.7 Tested on: Ubuntu 18.04 / PHP 7.2.24 !/usr/bin/python3 import requests import sys import warnings impo...
CVE-2020-14947
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mibfile in plugins/mainsections/msconfig/mssnmpconfig.php is mishandled in getmiboid...
CVE-2020-14947
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mibfile in plugins/mainsections/msconfig/mssnmpconfig.php is mishandled in getmiboid...
CVE-2020-14947
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mibfile in plugins/mainsections/msconfig/mssnmpconfig.php is mishandled in getmiboid...
CVE-2020-14947
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mibfile in plugins/mainsections/msconfig/mssnmpconfig.php is mishandled in getmiboid...
CVE-2020-14947
Summary: CVE-2020-14947 affects OCS Inventory NG 2.7, where a remote command execution is possible due to mishandling of mib_file in plugins/main_sections/ms_config/ms_snmp_config.php via get_mib_oid, enabling shell metacharacter abuse in require/commandLine/CommandLine.php. Public disclosure det...