|
Family: CGI abuses --> Category: attack
DUPortal/DUPortal Pro Multiple SQL Injection Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks for SQL injection vulnerability in DUPortal
Detailed Explanation for this Vulnerability Test
The remote host is running DUPortal, a content management system
written in ASP.
The remote version of this software is vulnerable to several SQL
injection vulnerabiliies in files 'details.asp', 'search.asp',
'default.asp' ...
With a specially crafted URL, a possible hacker can exploit this flaw
to modify database queries, potentially even uncovering user
passwords for the application.
Solution : None at this time.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|