Ossim@1.0.4 Security Vulnerabilities and Issues — Ossim@1.0.4 CVE List

Lucene search

AlienvaultOssim1.0.4

3 matches found

CVE•added 2009/09/28 10:30 p.m.•44 views

CVE-2009-3439

Multiple SQL injection vulnerabilities in Open Source Security Information Management (OSSIM) before 2.1.2 allow remote authenticated users to execute arbitrary SQL commands via the id_document parameter to (1) repository_document.php, (2) repository_links.php, and (3) repository_editdocument.php i...

6.5CVSS8.1AI score0.00145EPSS

CVE•added 2009/09/28 10:30 p.m.•41 views

CVE-2009-3441

Open Source Security Information Management (OSSIM) before 2.1.2 allows remote attackers to bypass authentication, and read graphs or infrastructure information, via a direct request to (1) graphs/alarms_events.php or (2) host/draw_tree.php.

5CVSS6.6AI score0.00425EPSS

CVE•added 2009/09/28 10:30 p.m.•33 views

CVE-2009-3440

Cross-site scripting (XSS) vulnerability in Open Source Security Information Management (OSSIM) before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the option parameter to the default URI (aka the main menu).

4.3CVSS5.7AI score0.00959EPSS