- 34,599
- 0
- 18 Дек 2022
- EDB-ID
- 38781
- Проверка EDB
-
- Пройдено
- Автор
- YU-CHI DING
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2013-5967
- Дата публикации
- 2013-10-02
Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Multiple SQL Injections
Код:
source: https://www.securityfocus.com/bid/62790/info
Open Source SIEM (OSSIM) is prone to multiple SQL-injection vulnerabilities.
A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Open Source SIEM (OSSIM) 4.3.0 and prior are vulnerable.
http://www.example.com/RadarReport/radar-iso27001-potential.php?date_from=%Inject_Here%
http://www.example.com/RadarReport/radar-iso27001-A12IS_acquisition-pot.php?date_from=%Inject_Here%- Источник
- www.exploit-db.com
