cpe:/a:ocsinventory-ng:ocs_inventory_ng:1.02.1 CVE-2009-3042 2009-09-01T14:30:04.967-04:00 2017-09-18T21:29:25.390-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-09-02T10:44:00.000-04:00 BUGTRAQ 20090811 Sql injection in OCS Inventory NG Server 1.2.1 SECUNIA 35311 EXPLOIT-DB 9416 CONFIRM http://www.ocsinventory-ng.org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=147&cntnt01returnid=15 SQL injection vulnerability in machine.php in Open Computer and Software (OCS) Inventory NG 1.02.1 allows remote attackers to execute arbitrary SQL commands via the systemid parameter, a different vector than CVE-2009-3040.