Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ocsinventory-ng Subscribe
Filtered by product Ocs Inventory Server
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-14857 1 Ocsinventory-ng 1 Ocs Inventory Server 2018-10-10 6.5 MEDIUM 8.8 HIGH
Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.