Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02.3 allow remote attackers to execute arbitrary SQL commands via (1) multiple inventory fields to the search form, reachable through index.php; or (2) the "Software name" field to the "All softwares" search form, reachable through index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OCS Inventory NG 多个SQL注入漏洞
Vulnerability Description
OCS Inventory NG(Open Computer and Software Inventory Next Generation)是一款系统管理软件,能帮助管理员掌握计算机软件安装和配置,在HTTP代理和服务器之间实现低网络流量通讯。 OCS Inventory NG存在多个SQL注入漏洞,远程攻击者可通过index.php(1)搜索表单的多个inventory字段,或(2)"all softwares"搜索表单的"software n+E29ame"字段执行任意SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A