Skip to primary content
Skip to secondary content

MSI :: State of Security

Insight from the Information Security Experts

MSI :: State of Security

Main menu

  • Home
  • Learn More About MicroSolved, Inc.

Tag Archives: OSSIM

Open Source Security Information Management vuln

Posted on February 25, 2008 by wstoner
Reply
Tweet

An injection vulnerability has been found in OSSIM. The “dest” parameter in the PHP based login page is not adequately sanitized. This can lead to Cross Site Scripting attacks or even SQL injection. The original advisory can be found at:http://www.milw0rm.com/exploits/5171

Posted in Emerging Threats | Tagged Cross Site Scripting, OSSIM, SQL injection | Leave a reply

Subscribe to our mailing list

* indicates required

Catagories

  • 80/20 Rule for Information Security
  • AI and Machine Learning
  • Announcements
  • Anti-Virus
  • Application Security
  • Ask the Security Experts
  • Asset Management
  • Audio Blog Post
  • Awareness
  • blockchain
  • Book Reviews
  • Chat
  • China
  • CIS CSC
  • ClawBack
  • Cloud Technology
  • Code Review
  • Credit Unions
  • Data Leak
  • Detection in Depth
  • Emerging Threats
  • End-user Focused
  • Events
  • Free Tool
  • General InfoSec
  • Healthcare
  • HoneyPoint
  • HoneyPoint Manifesto
  • How To
  • ICS/SCADA
  • incident response
  • Information Security Training
  • intelligence
  • Iran
  • ISSA InfoSec Summit
  • jobs
  • MachineTruth
  • Malware
  • Maps
  • MicroSolved's Strategies & Tactics Talks
  • Mobile Application Security
  • New Category
  • Opinion
  • OWASP
  • Password Security
  • Pen Testing & Vuln Mgmt
  • PHI
  • Phishing
  • Podcast
  • Policy and Process
  • Poll
  • Privacy
  • Projects
  • prompt engineering
  • ProtoPredator
  • Rants
  • Red Dragon Rising
  • Regulation
  • Reputational Risk
  • Research
  • Risk Management
  • SCADA/ICS
  • Smart Grid
  • Stolen Data Impact Model
  • Supply Chain
  • Surprise Interviews
  • Testing Lab
  • Threat Intelligence
  • Threat-Centric
  • Three Tough Questions
  • TigerTrax
  • Tool Review
  • Touchdown Task
  • Tweetstream
  • Video
  • Vulnerability Management
  • Webinar
  • What is HPSS?

Authors

  • Brent Huston
  • Adam Hostetler
  • John Davis
  • Lisa Wallace
  • Dave Rose
  • Johnny Chuah
  • Jim Klun

RSS State of Security – MicroSolved, Inc.

  • 3 Daily Habits for Information Security Practitioners to Stay Updated September 12, 2023
  • Brent’s Interview About His Most Recent Book September 5, 2023
  • 3 Essential Tips for Enhancing Site-to-Site VPN Security August 30, 2023
  • Preventing and Mitigating Ransomware Attacks Part Two August 14, 2023
  • Managing Risks Associated with Model Manipulation and Attacks in Generative AI Tools August 3, 2023

Past Posts

Information Security Blogroll

  • Dave Rose interview with CEO Brent Huston
  • Digital Soapbox: Down the Security Rabbithole!
  • Dr. InfoSec (TM)
  • ESET Threat Blog
  • Evil Code Cave
  • Hacking the Universe
  • Head Hacker
  • Information Security Law
  • Infosanity's Blog
  • InfoSec Ramblings
  • ISO 27001 & BS 25999
  • ITWorld Security Site
  • Jamie Levy
  • Jon's Network
  • Krebs on Security
  • Mac Virus
  • McAfee Labs Blog
  • MicroSolved Home Page
  • Network Security Blog
  • Nova InfoSec Portal
  • PaulDotCom
  • Peter Van Eeckhoutte's Blog
  • Red Team Secure
  • RedCondor Secure
  • RSA Conference
  • Search Security
  • SecTechno Information Security Blog
  • Securiteam
  • Security Active Blog
  • Security Dark Reading
  • Security in Motion
  • Security Ninja
  • Security Warrior
  • Security Watch
  • Selil
  • Steve Kalman
  • Taddong
  • Tao Security
  • Tech Buddha
  • The AVIEN Blog
  • The Falcon's View
  • The Guerilla CISO
  • Voice of VOIPSA
  • Windows Incident Response
  • Zero Day Blog
Proudly powered by WordPress