Family: CGI abuses --> Category: infos
ImageFolio Default Password Vulnerability Scan
Vulnerability Scan Summary
Logs in as Admin/ImageFolio
Detailed Explanation for this Vulnerability Test
The remote host is running the ImageFolio image gallery manager.
This CGI is installed with a default administrator username and
password (Admin/ImageFolio) which has not been modifed.
A possible hacker may exploit this flaw to administrate this installation.
In addition to this, the CGI admin.cgi has a bug which may allow
a possible hacker to delete arbitrary files owned by the remote web server.
Solution : Change the administrator password
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.