Alienvault Open Source SIEM (OSSIM) 3.1 - 'date_from' Multiple SQL Injections

source: https://www.securityfocus.com/bid/62790/info

Open Source SIEM (OSSIM) is prone to multiple SQL-injection vulnerabilities.

A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Open Source SIEM (OSSIM) 4.3.0 and prior are vulnerable. 

http://www.example.com/RadarReport/radar-iso27001-potential.php?date_from=%Inject_Here%

http://www.example.com/RadarReport/radar-iso27001-A12IS_acquisition-pot.php?date_from=%Inject_Here%