|
Family: CGI abuses --> Category: infos
Comersus Login SQL injection Vulnerability Scan
Vulnerability Scan Summary Checks for Comersus
Detailed Explanation for this Vulnerability Test
The remote host is running the Comersus Shopping Cart Software.
There is a flaw in this interface which allows a possible hacker to log in
as any user by using a SQL injection flaw in the code of
comersus_backoffice_login.php.
A possible hacker may use this flaw to gain unauthorized access on
this host, or to gain the control of the remote database.
In addition to this, the remote version of this software may be
vulnerable to other issues (see bid 10674).
Solution : Upgrade to the newest version of this software
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|