Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2013-5967

Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the date_from parameter to (1) radar-iso27001-potential.php, (2) radar-iso27001-A12IS_acquisition-pot.php, (3) radar-iso27001-A11AccessControl-pot.php, (4) radar-iso27001-A10Com_OP_Mgnt-pot.php, or (5) radar-pci-potential.php in RadarReport/.

  • Published: Oct 9, 2013
  • Updated: Apr 13, 2023
  • CVE: CVE-2013-5967
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
alienvault / open_source_security_information_management 4.1.2 4.1.2.x
alienvault / open_source_security_information_management 2.1.5-3 2.1.5-3.x
alienvault / open_source_security_information_management 3.1 3.1.x
alienvault / open_source_security_information_management 4.2 4.2.x
alienvault / open_source_security_information_management 2.1.5-2 2.1.5-2.x
alienvault / open_source_security_information_management 2.1 2.1.x
alienvault / open_source_security_information_management 3.1.12 3.1.12.x
alienvault / open_source_security_information_management 4.2.2 4.2.2.x
alienvault / open_source_security_information_management 4.0.4 4.0.4.x
alienvault / open_source_security_information_management 2.1.5-1 2.1.5-1.x
alienvault / open_source_security_information_management 1.0.4 1.0.4.x
alienvault / open_source_security_information_management 4.1.3 4.1.3.x
alienvault / open_source_security_information_management 2.1.2 2.1.2.x
alienvault / open_source_security_information_management 4.0.3 4.0.3.x
alienvault / open_source_security_information_management 4.2.3 4.2.3.x
alienvault / open_source_security_information_management 2.1.5 2.1.5.x
alienvault / open_source_security_information_management 3.1.10 3.1.10.x
alienvault / open_source_security_information_management 3.1.9 3.1.9.x
alienvault / open_source_security_information_management 1.0.6 1.0.6.x
alienvault / open_source_security_information_management 4.1 4.1.x
alienvault / open_source_security_information_management - 4.3.x