CVE-2013-5967 Information

Feb 14, 2021 cve

Description

Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the date_from parameter to (1) radar-iso27001-potential.php (2) radar-iso27001-A12IS_acquisition-pot.php (3) radar-iso27001-A11AccessControl-pot.php (4) radar-iso27001-A10Com_OP_Mgnt-pot.php or (5) radar-pci-potential.php in RadarReport/.

Reference

http://osvdb.org/98052 http://osvdb.org/ref/97/ossim-sql.txt http://www.securityfocus.com/bid/62790

Share on: