CVE-2013-5967
published 2013-10-09


Priority: P2 62, high, 7.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 19.02% (97.0th percentile)
Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the date_from parameter to (1) radar-iso27001-potential.php, (2) radar-iso27001-A12IS_acquisition-pot.php, (3) radar-iso27001-A11AccessControl-pot.php, (4) radar-iso27001-A10Com_OP_Mgnt-pot.php, or (5) radar-pci-potential.php in RadarReport/.

Affected

21 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| alienvault | open_source_security_information_management | <= 4.3 | |

The other 20 ranges list the same vendor and product with no version range shown.

Detection & IOCs (extracted from sources)

url: http://www.example.com/RadarReport/radar-iso27001-potential.php?date_from=%Inject_Here%
url: http://www.example.com/RadarReport/radar-iso27001-A12IS_acquisition-pot.php?date_from=%Inject_Here%
path: /RadarReport/radar-iso27001-potential.php
path: /RadarReport/radar-iso27001-A12IS_acquisition-pot.php
path: /RadarReport/radar-iso27001-A11AccessControl-pot.php
path: /RadarReport/radar-iso27001-A10Com_OP_Mgnt-pot.php
path: /RadarReport/radar-pci-potential.php
  • Monitor HTTP requests targeting any of the five vulnerable PHP scripts under /RadarReport/ with a `date_from` query parameter containing SQL metacharacters or injection payloads.
  • The Metasploit module for this vulnerability class (alienvault_iso27001_sqli) leverages authenticated SQL injection via a PNG-generation PHP file to achieve arbitrary file read — alert on authenticated sessions issuing unusual SQL-bearing requests to RadarReport endpoints.
  • The NVD entry states the vulnerability affects OSSIM 4.3 and earlier, but the Metasploit module targets version 4.5.0, suggesting the vulnerable code pattern persisted across a wider version range than originally disclosed.
  • Exploitation requires only a valid (non-admin) authenticated session; privilege escalation is not a prerequisite for arbitrary file read via the SQL injection path.
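
The first monitoring item above can be run over web server access logs. The following is an added example, not code from this page or from AlienVault: it assumes combined-format access log lines, and the metacharacter pattern, function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# The five RadarReport scripts named in the CVE description.
VULNERABLE_PATHS = {
    "/RadarReport/radar-iso27001-potential.php",
    "/RadarReport/radar-iso27001-A12IS_acquisition-pot.php",
    "/RadarReport/radar-iso27001-A11AccessControl-pot.php",
    "/RadarReport/radar-iso27001-A10Com_OP_Mgnt-pot.php",
    "/RadarReport/radar-pci-potential.php",
}
# Assumed heuristic: SQL metacharacters, comment markers, common keywords.
SQL_PATTERN = re.compile(
    r"""['"`;()\\#]|--|/\*|\b(?:union|select|sleep|benchmark|load_file)\b""",
    re.IGNORECASE,
)
# Request line of a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_date_from(log_line):
    """Return the decoded date_from value if the line warrants an alert, else None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    target = urlsplit(match.group(1))
    if unquote(target.path) not in VULNERABLE_PATHS:
        return None
    for once in parse_qs(target.query, keep_blank_values=True).get("date_from", []):
        twice = unquote(once)  # second pass catches double-encoded values
        if SQL_PATTERN.search(once) or SQL_PATTERN.search(twice):
            return twice
    return None

def scan(lines):
    """Return (line_number, decoded_value) for every flagged log line."""
    hits = ((n, suspicious_date_from(line)) for n, line in enumerate(lines, 1))
    return [(n, value) for n, value in hits if value is not None]

# Constructed sample log lines (documentation address ranges, made-up values).
SAMPLE_LOG = [
    '203.0.113.7 - - [09/Oct/2013:10:00:01 +0000] "GET /RadarReport/radar-pci-potential.php?date_from=2013-09-01 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [09/Oct/2013:10:02:11 +0000] "GET /RadarReport/radar-iso27001-potential.php?date_from=2013-09-01%27-- HTTP/1.1" 200 812',
    '203.0.113.9 - - [09/Oct/2013:10:02:15 +0000] "GET /RadarReport/radar-pci-potential.php?date_from=2013-09-01%2527 HTTP/1.1" 200 640',
    '198.51.100.4 - - [09/Oct/2013:10:05:40 +0000] "GET /ossim/index.php?date_from=%27 HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for line_number, value in scan(SAMPLE_LOG):
        print(f"line {line_number}: suspicious date_from={value!r}")
```

Access logs record only the query string, so a `date_from` value sent in a POST body needs inspection at a proxy or WAF instead.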