Skip to primary content
Skip to secondary content

MSI :: State of Security

Insight from the Information Security Experts

MSI :: State of Security

Main menu

  • Home
  • Learn More About MicroSolved, Inc.

Tag Archives: OSSIM

Open Source Security Information Management vuln

Posted on February 25, 2008 by wstoner
Reply
Tweet

An injection vulnerability has been found in OSSIM. The “dest” parameter in the PHP based login page is not adequately sanitized. This can lead to Cross Site Scripting attacks or even SQL injection. The original advisory can be found at:http://www.milw0rm.com/exploits/5171

Posted in Emerging Threats | Tagged Cross Site Scripting, OSSIM, SQL injection | Leave a reply

Subscribe to our mailing list

* indicates required

Catagories

  • 80/20 Rule for Information Security
  • Announcements
  • Anti-Virus
  • Application Security
  • Ask the Security Experts
  • Asset Management
  • Audio Blog Post
  • Awareness
  • blockchain
  • Book Reviews
  • Chat
  • China
  • ClawBack
  • Cloud Technology
  • Code Review
  • Credit Unions
  • Data Leak
  • Detection in Depth
  • Emerging Threats
  • End-user Focused
  • Events
  • Free Tool
  • General InfoSec
  • Healthcare
  • HoneyPoint
  • HoneyPoint Manifesto
  • How To
  • ICS/SCADA
  • incident response
  • Information Security Training
  • intelligence
  • Iran
  • ISSA InfoSec Summit
  • jobs
  • MachineTruth
  • Malware
  • Maps
  • MicroSolved's Strategies & Tactics Talks
  • Mobile Application Security
  • New Category
  • Opinion
  • OWASP
  • Password Security
  • Pen Testing & Vuln Mgmt
  • PHI
  • Phishing
  • Podcast
  • Policy and Process
  • Poll
  • Privacy
  • Projects
  • ProtoPredator
  • Rants
  • Red Dragon Rising
  • Regulation
  • Reputational Risk
  • Research
  • Risk Management
  • SCADA/ICS
  • Smart Grid
  • Stolen Data Impact Model
  • Supply Chain
  • Surprise Interviews
  • Testing Lab
  • Threat Intelligence
  • Threat-Centric
  • Three Tough Questions
  • TigerTrax
  • Tool Review
  • Touchdown Task
  • Tweetstream
  • Video
  • Vulnerability Management
  • Webinar
  • What is HPSS?

Authors

  • Brent Huston
  • Adam Hostetler
  • John Davis
  • Lisa Wallace
  • Dave Rose
  • Johnny Chuah
  • Jim Klun

RSS State of Security – MicroSolved, Inc.

  • Video: Auditing Authentication Mechanisms February 1, 2023
  • Processes and Benefits of Conducting a CIS Controls Assessment January 26, 2023
  • Need an Information Security Program? A CIS Controls Assessment is a Good Way to Start! January 20, 2023
  • Challenges Auditing Authentication Mechanisms in Organizations January 10, 2023
  • FAQ for the End of SMS Authentication January 4, 2023

Past Posts

Information Security Blogroll

  • Dave Rose interview with CEO Brent Huston
  • Digital Soapbox: Down the Security Rabbithole!
  • Dr. InfoSec (TM)
  • ESET Threat Blog
  • Evil Code Cave
  • Hacking the Universe
  • Head Hacker
  • Information Security Law
  • Infosanity's Blog
  • InfoSec Ramblings
  • ISO 27001 & BS 25999
  • ITWorld Security Site
  • Jamie Levy
  • Jon's Network
  • Krebs on Security
  • Mac Virus
  • McAfee Labs Blog
  • MicroSolved Home Page
  • Network Security Blog
  • Nova InfoSec Portal
  • PaulDotCom
  • Peter Van Eeckhoutte's Blog
  • Red Team Secure
  • RedCondor Secure
  • RSA Conference
  • Search Security
  • SecTechno Information Security Blog
  • Securiteam
  • Security Active Blog
  • Security Dark Reading
  • Security in Motion
  • Security Ninja
  • Security Warrior
  • Security Watch
  • Selil
  • Steve Kalman
  • Taddong
  • Tao Security
  • Tech Buddha
  • The AVIEN Blog
  • The Falcon's View
  • The Guerilla CISO
  • Voice of VOIPSA
  • Windows Incident Response
  • Zero Day Blog
Proudly powered by WordPress