Vulnerabilities > Ocsinventory NG > OCS Inventory NG > 1.02.1

DATE CVE VULNERABILITY TITLE RISK
2011-10-21 CVE-2011-4024 Cross-Site Scripting vulnerability in Ocsinventory-Ng OCS Inventory NG
Cross-site scripting (XSS) vulnerability in ocsinventory in OCS Inventory NG 2.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 		4.3
4.3
2010-04-28 CVE-2010-1595 SQL Injection vulnerability in Ocsinventory-Ng OCS Inventory NG 1.02.1
Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to execute arbitrary SQL commands via the (1) c, (2) val_1, or (3) onglet_bis parameter.
network
low complexity
ocsinventory-ng CWE-89
7.5
7.5
2010-04-28 CVE-2010-1594 Cross-Site Scripting vulnerability in Ocsinventory-Ng OCS Inventory NG 1.02.1
Multiple cross-site scripting (XSS) vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to inject arbitrary web script or HTML via (1) the query string, (2) the BASE parameter, or (3) the ega_1 parameter. 		4.3
4.3