Vulnerabilities > Ocsinventory NG > Ocsinventory NG > 2.4.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-04 | CVE-2018-14473 | XXE vulnerability in Ocsinventory-Ng Ocsinventory NG 2.4.1 OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing the use of external entities. | 6.4 |
2018-08-04 | CVE-2018-12483 | OS Command Injection vulnerability in Ocsinventory-Ng Ocsinventory NG 2.4.1 OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. | 9.0 |
2018-08-04 | CVE-2018-12482 | SQL Injection vulnerability in Ocsinventory-Ng Ocsinventory NG 2.4.1 OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. | 6.5 |