CVE-2018-1000558
Description
OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database. This attack appear to be exploitable via By sending crafted requests it is possible to gain database access. This vulnerability appears to have been fixed in 2.4.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
SQL injection in OCS Inventory NG ocsreports 2.3.1/2.4 allows authenticated attackers to extract the entire database via crafted search parameters.
Vulnerability
SQL injection flaws exist in ocsreports versions 2.3.1 and 2.4. The vulnerability is present in the visu_search function via the value GET parameter in index.php, and in the visu_groups function via the columns[0][name] POST parameter in ajax.php [1]. The application fails to sanitize user-supplied input before including it in SQL queries.
Exploitation
An authenticated user (even with read-only privileges) can exploit the SQLi by sending crafted requests. For example, using sqlmap, the value parameter in index.php?function=visu_search&prov=allsoft&value=somesoft was exploited with boolean-based blind and time-based blind techniques [1]. Similarly, the columns[0][name] parameter in ajax.php is injectable. No special network position is required beyond network access to the OCS reports web interface.
Impact
Successful exploitation allows an authenticated attacker to gain full read access to all data stored in the OCS Inventory database, including sensitive inventory information. The blind injection can be used to extract data from all tables. Write operations (e.g., INSERT, UPDATE) are not mentioned, but the attacker can enumerate and extract any database content [1].
Mitigation
The vulnerability is fixed in ocsreports version 2.4.1, released in early 2018 [1]. Users should upgrade to 2.4.1 or later. As of the advisory, older versions including 2.3.1 and 2.4 remain vulnerable and no workaround is provided. The vendor announced the release on their site [1]. Not listed in CISA KEV.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: 2.2, 2.2.1, 2.2RC1, …
- Range: <2.4.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.ocsinventory-ng.org/en/ocs-inventory-server-2-4-1-has-been-released/mitrex_refsource_MISC
- www.secuvera.de/advisories/secuvera-SA-2017-04.txtmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.