| Max CVSS | 6.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-3439 | 6.5 |
Multiple SQL injection vulnerabilities in Open Source Security Information Management (OSSIM) before 2.1.2 allow remote authenticated users to execute arbitrary SQL commands via the id_document parameter to (1) repository_document.php, (2) repository
|
10-10-2018 - 19:43 | 28-09-2009 - 22:30 | |
| CVE-2009-3440 | 4.3 |
Cross-site scripting (XSS) vulnerability in Open Source Security Information Management (OSSIM) before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the option parameter to the default URI (aka the main menu).
|
10-10-2018 - 19:43 | 28-09-2009 - 22:30 | |
| CVE-2009-3441 | 5.0 |
Open Source Security Information Management (OSSIM) before 2.1.2 allows remote attackers to bypass authentication, and read graphs or infrastructure information, via a direct request to (1) graphs/alarms_events.php or (2) host/draw_tree.php.
|
10-10-2018 - 19:43 | 28-09-2009 - 22:30 |