CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Open Source Security Information Management: >> Os-Sim Security Vulnerabilities

CVE-2008-0919

Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and earlier allows remote attackers to inject arbitrary web script or HTML via the dest parameter.

CVSS Score

4.3

EPSS Score

0.072

Published

2008-02-22

CVE-2008-0920

SQL injection vulnerability in port/modifyportform.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 allows remote authenticated users to execute arbitrary SQL commands via the portname parameter, which is not properly handled by a validation regular expression.

CVSS Score

6.5

EPSS Score

0.007

Published

2008-02-22

Page 1

Vulnerabilities

Vulnerable Software

Open Source Security Information Management: >> Os-Sim Security Vulnerabilities

Products

Pricing

Contact Us