Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted requests it is possible to gain database access. This vulnerability appears to have been fixed in 2.4.1.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OCS Inventory NG SQL注入漏洞
Vulnerability Description
OCS Inventory NG(Open Computer and Software Inventory Next Generation)是OCS Inventory团队开发的一套资产管理软件。该软件能够帮助管理员掌握计算机软件安装和配置,以及在HTTP代理和服务器之间实现低网络流量通讯。 OCS Inventory NG ocsreports 2.4版本和ocsreports 2.3.1版本中的Web搜索存在SQL注入漏洞。远程攻击者可通过发送特制的请求利用该漏洞获取数据库的访问权限。
CVSS Information
N/A
Vulnerability Type
N/A