The exploit details a SQL injection vulnerability in OCS Inventory NG <= 2.2, allowing for time-based SQLi and arbitrary file write via MySQL's INTO OUTFILE. The PoC demonstrates how to achieve remote code execution by writing a PHP webshell to a writable directory.
Classification: Writeup 90%
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: OCS Inventory NG <= 2.2
Auth required
Prerequisites: Low-privileged user access · Search function access · Writable directory permissions