Family: CGI abuses : XSS --> Category: infos
Beanwebb's guestbook Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of admin.php
Detailed Explanation for this Vulnerability Test
The remote host is running Beanwebb's Guestbook.
This set of CGI has two vulnerabilities :
- Anyone can access the admin page (admin.php)
- It is vulnerable to cross site scripting attacks (in add.php)
A possible hacker may use these flaws to steal the cookies of your users
or to inject fake information in the guestbook.
Solution : Delete this package
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.