Open Source Security Information Management Os-Sim vulnerabilities
2 known vulnerabilities affecting open_source_security_information_management/os-sim.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2008-0920P4MEDIUMCVSS 6.5PoC≤ 0.9.92008-02-22
CVE-2008-0920 [MEDIUM] CWE-89 CVE-2008-0920: SQL injection vulnerability in port/modifyportform.php in Open Source Security Information Managemen
SQL injection vulnerability in port/modifyportform.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 allows remote authenticated users to execute arbitrary SQL commands via the portname parameter, which is not properly handled by a validation regular expression.
nvd
CVE-2008-0919P4MEDIUMCVSS 4.3PoCv0.1alphav0.2alpha+23 more2008-02-22
CVE-2008-0919 [MEDIUM] CWE-79 CVE-2008-0919: Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Ma
Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and earlier allows remote attackers to inject arbitrary web script or HTML via the dest parameter.
nvd