CVSS: 6.9 | EPSS: 0% | CPEs: 1 | EXPL: 1

OCSInventory allows storing email templates that contain special characters, which leads to stored cross-site scripting.
• https://fluidattacks.com/advisories/creed
• https://ocsinventory-ng.org
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

Unrestricted file upload (with remote code execution) in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests. OCS Inventory NG suffers from an ocsreports authenticated remote code execution vulnerability via a shell upload.
• http://packetstormsecurity.com/files/150330/OCS-Inventory-NG-ocsreports-Shell-Upload.html
• http://seclists.org/fulldisclosure/2018/Nov/40
• CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.
• http://seclists.org/fulldisclosure/2018/Aug/6
• http://www.securitytracker.com/id/1041418
• https://github.com/OCSInventory-NG/OCSInventory-ocsreports/commit/cc572819e373f7ff81dec61591b6f465b43c5515
• CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 9.1 | EPSS: 1% | CPEs: 1 | EXPL: 1

OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing the use of external entities. This issue can be exploited by an attacker sending a crafted HTTP request in order to exfiltrate information or cause a denial of service.
• https://www.tarlogic.com/en/blog/vulnerabilities-in-ocs-inventory-2-4-1
• CWE-611: Improper Restriction of XML External Entity Reference

CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. Authentication is needed in order to exploit the issues.
• https://www.tarlogic.com/en/blog/vulnerabilities-in-ocs-inventory-2-4-1
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')