SQL Injection in Alienvault Open_source_security_information_management

CVE-2012-3834

SQL injection vulnerability in forensics/base_qry_main.php in AlienVault Open Source Security Information Management (OSSIM) 3.1 allows remote authenticated users to execute arbitrary SQL commands via the time[0][0] parameter.

Vulnerability class: SQL Injection

EPSS: 0.017 (82.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References