RSS   Vulnerabilities for 'Os-sim'   RSS

2008-02-22
 
CVE-2008-0920

CWE-89
 

 
SQL injection vulnerability in port/modifyportform.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 allows remote authenticated users to execute arbitrary SQL commands via the portname parameter, which is not properly handled by a validation regular expression.

 
 
CVE-2008-0919

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and earlier allows remote attackers to inject arbitrary web script or HTML via the dest parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top