Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in Open Computer and Software (OCS) Inventory NG 1.02 for Unix allow remote attackers to execute arbitrary SQL commands via the (1) N, (2) DL, (3) O and (4) V parameters to download.php and the (5) SYSTEMID parameter to group_show.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OCS Inventory NG download.php和group_show.php SQL注入漏洞
Vulnerability Description
OCS Inventory NG(Open Computer and Software Inventory Next Generation)是OCS Inventory团队开发的一套资产管理软件。该软件能够帮助管理员掌握计算机软件安装和配置,以及在HTTP代理和服务器之间实现低网络流量通讯。 Unix平台上的OCS Inventory NG的download.php模块没有正确地验证用户所提交的N、DL、O和V参数,group_show.php模块没有正确的验证SYSTEMID参数。远程攻击者可以通过向上
CVSS Information
N/A
Vulnerability Type
N/A