CVE-2009-3040

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2009-3040

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2009-3040.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2009-3040

Downstream

DEBIAN-CVE-2009-3040

UBUNTU-CVE-2009-3040

Published

2009-09-01T18:30:03Z

Modified

2026-04-10T03:40:53.383673Z

Summary

[none]

Details

Multiple SQL injection vulnerabilities in Open Computer and Software (OCS) Inventory NG 1.02 for Unix allow remote attackers to execute arbitrary SQL commands via the (1) N, (2) DL, (3) O and (4) V parameters to download.php and the (5) SYSTEMID parameter to group_show.php.

References

http://www.leidecker.info/advisories/2009-05-30-ocs_inventory_ng_sql_injection.shtml
http://www.ocsinventory-ng.org/index.php?mact=News%2Ccntnt01%2Cdetail%2C0&cntnt01articleid=140&cntnt01returnid=72
http://www.securityfocus.com/archive/1/503936/100/0/threaded

CVE-2009-3040

Affected packages