|
Family: CGI abuses : XSS --> Category: infos
GoSmart message board multiple flaws Vulnerability Scan
Vulnerability Scan Summary Checks GoSmart message board flaws
Detailed Explanation for this Vulnerability Test
The remote host is running GoSmart message board, a bulletin board
manager written in ASP.
The remote version of this software contains multiple flaws, due o
to a failure of the application to properly sanitize user-supplied input.
It is also affected by a cross-site scripting vulnerability.
As a result of this vulnerability, it is possible for a remote attacker
to create a malicious link containing script code that will be executed
in the browser of an unsuspecting user when followed.
Furthermore, this version is vulnerable to SQL injection flaws that
let a possible hacker inject arbitrary SQL commands.
Solution : Upgrade to the newest version of this software
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|