|
Family: CGI abuses --> Category: infos
File Inclusion Vulnerability in Pivot Vulnerability Scan
Vulnerability Scan Summary Detect Pivot File Inclusion Vulnerability
Detailed Explanation for this Vulnerability Test
Pivot is a set of PHP scripts designed to maintain dynamic web pages.
There is a flaw in the file module_db.php which may let a possible hacker execute
arbitrary commands on the remote host by forcing the remote Pivot installation
to include a PHP file hosted on an arbitrary third-party website.
Solution : Upgrade to Pivot 1.14.1 or disable this CGI altogether
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|