Family: CGI abuses --> Category: infos
Episodex Guestbook Unauthorized Access and HTML Injection Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for unathentication access to admin.asp
Detailed Explanation for this Vulnerability Test
The remote host is running the Episodex Guestbook, a guestbook written in ASP.
The remote version of this software contains an input validation flaw leading
to the execution on attacker supplied HTML and script code. In addition an
unauthenticated remote attacker can directly access administrator functions.
Solution : None at this time
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.