19 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-1000558
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An...
CVE-2023-3726 OCSInventory-ocsreports 2.12.0 - Stored cross-site Scripting
OCSInventory allow stored email template with special characters that lead to a Stored cross-site Scripting...
DEBIAN-CVE-2018-15537
Unrestricted file upload with remote code execution in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests...
UBUNTU-CVE-2018-15537
Unrestricted file upload with remote code execution in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests...
CVE-2018-15537
CVE-2018-15537 affects OCS Inventory NG, specifically the ocsreports component. The vulnerability is an unrestricted file upload that can lead to remote code execution, enabling a privileged user to gain access to the server via crafted HTTP requests. Documented across multiple feeds (NVD, OSV, U...
OCS Inventory NG SQL Injection Vulnerability (CNVD-2018-13357)
OCS Inventory NG Open Computer and Software Inventory Next Generation is a Asset Management software developed by OCS Inventory team. The software helps administrators master computer software installation and configuration, as well as low network traffic communication between HTTP proxies and...
OCS Inventory NG Cross-Site Scripting Vulnerability (CNVD-2018-12876)
OCS Inventory NG Open Computer and Software Inventory Next Generation is a Asset Management software developed by OCS Inventory team. The software helps administrators master computer software installation and configuration, as well as low network traffic communication between HTTP proxies and...
CVE-2018-1000557
OCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross Site Scripting XSS vulnerability in login form and search functionality that can result in An attacker is able to execute arbitrary javascript code within a victims' browser. This attack appear to be exploitable via Victim mus...
CVE-2018-1000558
OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted...
CVE-2018-1000558
OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted...
DEBIAN-CVE-2018-1000558
OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted...
Cross site scripting
OCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross Site Scripting XSS vulnerability in login form and search functionality that can result in An attacker is able to execute arbitrary javascript code within a victims' browser. This attack appear to be exploitable via Victim mus...
UBUNTU-CVE-2018-1000558
OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted...
CVE-2018-1000558
OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted...
Sql injection
OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted...
CVE-2018-1000557
OCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross Site Scripting XSS vulnerability in login form and search functionality that can result in An attacker is able to execute arbitrary javascript code within a victims' browser. This attack appear to be exploitable via Victim mus...
CVE-2018-1000558
CVE-2018-1000558 affects OCS Inventory NG, specifically the ocsreports component in versions 2.4 and 2.3.1. The vulnerability is a SQL Injection in the web search functionality that, when exploited by an authenticated attacker, can result in full access to data stored in the database. The vulnera...
CVE-2018-1000558
OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted...
DEBIAN-CVE-2010-1594
Multiple cross-site scripting XSS vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to inject arbitrary web script or HTML via 1 the query string, 2 the BASE parameter, or 3 the ega1 parameter. NOTE: some of these details are obtained from third party...