Vulnerabilities (CVE)

Filtered by vendor Factorfx Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-46355 1 Factorfx 1 Ocs Inventory 2024-11-21 3.5 LOW 5.4 MEDIUM
OCS Inventory 2.9.1 is affected by Cross Site Scripting (XSS). To exploit the vulnerability, the attacker needs to manipulate the name of some device on your computer, such as a printer, replacing the device name with some malicious code that allows the execution of Stored Cross-site Scripting (XSS).
CVE-2020-14947 1 Factorfx 1 Open Computer Software Inventory Next Generation 2024-11-21 6.5 MEDIUM 8.8 HIGH
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid.