VYPR
Unrated severityNVD Advisory· Published Jun 22, 2009· Updated Jun 16, 2026

CVE-2009-2166

CVE-2009-2166

Description

Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12
  • cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:*:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:*:*:*:*:*:*:*:*range: <=1.02
    • cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.01:*:*:*:*:*:*:*
    • cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.02:rc1:*:*:*:*:*:*
    • cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.02:rc2:*:*:*:*:*:*
    • cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.02:rc3:*:*:*:*:*:*
    • cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc3-1:*:*:*:*:*:*
    • (no CPE)range: <1.02.1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.