CVE-2009-3441
OSSIM (Open Source Security Information Management) is affected by CVE-2009-3441. Before version 2.1.2, remote attackers can bypass authentication and read graphs or infrastructure information by directly requesting (1) graphs/alarms_events.php or (2) host/draw_tree.php. The vulnerability arises ...