← back
CVE-2013-5967

CVE-2013-5967

43Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 19%
from disclosure to weapon0 days
Published on NVDOct 9
1st PoCOct 2
metasploit+172d
exploitation probability
19%top 3% of all CVEs
observed exploitation
nono source reports it
1 public exploit(s)
Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the date_from parameter to (1) radar-iso27001-potential.php, (2) radar-iso27001-A12IS_acquisition-pot.php, (3) radar-iso27001-A11AccessControl-pot.php, (4) radar-iso27001-A10Com_OP_Mgnt-pot.php, or (5) radar-pci-potential.php in RadarReport/.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.