Exploitation Summary
EIP tracks 1 public exploit for CVE-2009-1443. PoCs published by Nicolas DEROUET.
AI-analyzed exploit summary This exploit leverages a SQL injection vulnerability in OCS Inventory NG Server's login mechanism to bypass authentication. It constructs a malicious SQL query via the login field, allowing an attacker to log in as any user, including administrators, without valid credentials.
Description
Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG before 1.02 have unknown impact and attack vectors.
Exploits (1)
This exploit leverages a SQL injection vulnerability in OCS Inventory NG Server's login mechanism to bypass authentication. It constructs a malicious SQL query via the login field, allowing an attacker to log in as any user, including administrators, without valid credentials.