Alienvault: >> Open Source Security Information Management Security Vulnerabilities
Directory traversal vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to upload files into arbitrary directories via a .. (dot dot) in the id_document parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2009-12-21
SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary SQL commands via the id_document parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2009-12-21
Page 3