Family: CGI abuses --> Category: attack
ASPjar Guestbook SQL Injection Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of an SQL injection in login.asp
Detailed Explanation for this Vulnerability Test
The remote host is running ASPJar's GuestBook, a guestbook
application written in ASP.
The remote version of this software is vulnerable to a SQL
injection vulnerability which allows a remote attacker to
execute arbitrary SQL statements against the remote DB.
It is also vulnerable to an input validation vulnerability which
may allow a possible hacker to perform a cross site scripting attack using
the remote host.
Solution : Delete this application.
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.