SQL Injection in Alienvault Open_source_security_information_management
CVE-2013-5321
Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) sensor parameter in a Query action to forensics/base_qry_main…
Vulnerability class: SQL Injection
EPSS: 0.008 (74.0th percentile) — read the EPSS interpretation.
Affected products
- Alienvault Open_source_security_information_management — versions 4.1
- N/a — versions n/a
Weakness classification (CWE)
References
- 26406 (Exploit, exploit, x_refsource_EXPLOIT-DB)