NuytsTech Security

CVE-2010-1595

by ·

Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to execute arbitrary SQL commands via the (1) c, (2) val_1, or (3) onglet_bis parameter.

Date published : 2010-04-28

http://www.mandriva.com/security/advisories?name=MDVSA-2010:178

http://packetstormsecurity.org/1001-exploits/ocsinventoryng-sqlxss.txt

Tags: