CVE-2009-4375

AlienVault OSSIM <2.1.5.4 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-4375. PoCs published by Nahuel Grisolia.

AI-analyzed exploit summary The advisory describes a SQL injection vulnerability in OSSIM 2.1.5 via the 'id_document' parameter in repository_attachment.php. It includes proof-of-concept URLs demonstrating arbitrary SQL query execution.

Description

SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary SQL commands via the id_document parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Nahuel Grisolia · textwebappsphp
https://www.exploit-db.com/exploits/10479

The advisory describes a SQL injection vulnerability in OSSIM 2.1.5 via the 'id_document' parameter in repository_attachment.php. It includes proof-of-concept URLs demonstrating arbitrary SQL query execution.

Classification
Writeup 100%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: OSSIM 2.1.5
No auth needed
Prerequisites: Access to the OSSIM repository_attachment.php endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37727
Vendor Advisory x_refsource_confirm
http://www.alienvault.com/community.php?section=News
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/61149

Scores

EPSS 0.0097
EPSS Percentile 57.3%

Details

CWE
CWE-89
Status published
Products (4)
alienvault/open_source_security_information_management 2.1.5
alienvault/open_source_security_information_management 2.1.5-1
alienvault/open_source_security_information_management 2.1.5-2
alienvault/open_source_security_information_management 2.1.5-3
Published Dec 21, 2009
Tracked Since Feb 18, 2026