Family: CGI abuses --> Category: infos
Burning Board modcp.php SQL Injection Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for SQL injection vulnerabilities in Burning Board modcp.php script
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP script that is prone to SQL
The remote version of Burning Board / Burning Board Lite is prone to
SQL injection attacks due to its failure to sanitize user-supplied
input to the 'x' and 'y' parameters of the 'modcp.php' script before
using it in database queries. Provided a possible hacker has moderator
rights, these flaws may allow him to uncover sensitive information
(such as password hashes), modify existing data, and launch attacks
against the underlying database.
See also :
Unknown at this time.
Low / CVSS Base Score : 3
Click HERE for more information and discussions on this network vulnerability scan.