Family: CGI abuses --> Category: attack
Chora Remote Code Execution Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for remote code execution vulnerability in Chora
Detailed Explanation for this Vulnerability Test
The remote server is running at least one instance of Chora version
1.2.1 or earlier. Such versions have a flaw in the diff viewer that
enables a remote attacker to run arbitrary code with the permissions of
the web user.
See also : http://security.e-matters.de/advisories/102004.html
Solution : Upgrade to Chora version 1.2.2 or later.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.