CVE-2008-0919
OSSIM <= 0.9.9 rc5 - Cross-Site Scripting via Login Page Dest Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2008-0919. PoCs published by Marcin Kopec.
AI-analyzed exploit summary The document describes SQL injection and XSS vulnerabilities in OSSIM 0.9.9rc5, providing specific exploit URLs and technical details about the flaws. It includes proof-of-concept payloads for both vulnerabilities.
Description
Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and earlier allows remote attackers to inject arbitrary web script or HTML via the dest parameter.
Exploits (1)
The document describes SQL injection and XSS vulnerabilities in OSSIM 0.9.9rc5, providing specific exploit URLs and technical details about the flaws. It includes proof-of-concept payloads for both vulnerabilities.