CVE-2009-3040

OCS Inventory NG 1.02 - SQL Injection via download.php Parameters or group_show.php SYSTEMID

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-3040. PoCs published by Nico Leidecker.

AI-analyzed exploit summary This exploit demonstrates SQL injection vulnerabilities in OCS Inventory NG 1.02 (Unix) via unsanitized parameters in `download.php` and `group_show.php`. The provided URL manipulates SQL queries to extract credentials from the `operators` table.

Description

Multiple SQL injection vulnerabilities in Open Computer and Software (OCS) Inventory NG 1.02 for Unix allow remote attackers to execute arbitrary SQL commands via the (1) N, (2) DL, (3) O and (4) V parameters to download.php and the (5) SYSTEMID parameter to group_show.php.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Nico Leidecker · textwebappsphp
https://www.exploit-db.com/exploits/8836

This exploit demonstrates SQL injection vulnerabilities in OCS Inventory NG 1.02 (Unix) via unsanitized parameters in `download.php` and `group_show.php`. The provided URL manipulates SQL queries to extract credentials from the `operators` table.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: OCS Inventory NG 1.02 (Unix)
No auth needed
Prerequisites: Network access to the vulnerable web interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

EPSS 0.0142
EPSS Percentile 69.5%

Details

CWE
CWE-89
Status published
Products (1)
ocsinventory-ng/ocs_inventory_ng 1.02
Published Sep 01, 2009
Tracked Since Feb 18, 2026