← back
CVE-2016-8580

CVE-2016-8580

EPSS 6.9%
PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM before 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes.
Affected products
n/a · n/a
public PoCs found3
cve_referencewww.exploit-db.com/exploits/40682/unverifiedexploitdbwww.exploit-db.com/exploits/40682unverifiedexploitdbwww.exploit-db.com/exploits/41424unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilitieshttps://www.exploit-db.com/exploits/40682/http://www.securityfocus.com/bid/93864