CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Ocsinventory-Ng: >> Ocsinventory Ng >> 2.3.1 Security Vulnerabilities

CVE-2018-1000558

OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted requests it is possible to gain database access. This vulnerability appears to have been fixed in 2.4.1.

CVSS Score

6.5

EPSS Score

0.003

Published

2018-06-26

Page 1

Vulnerabilities

Vulnerable Software

Ocsinventory-Ng: >> Ocsinventory Ng >> 2.3.1 Security Vulnerabilities

Products

Pricing

Contact Us