Family: CGI abuses --> Category: attack
Invision Power Board Arcade SQL Injection Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Detect Invision Power Board Arcade SQL Injection
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP script that is affected by a SQL
The installation of Invision Power Board on the remote host includes
an optional module, named 'Arcade', that allows unauthorized users to
inject SQL commands into the remote SQL database through the 'cat'
parameter. A possible hacker may use this flaw to gain control of the
remote database and possibly to overwrite files on the remote host.
See also :
Unknown at this time.
Medium / CVSS Base Score : 4
Click HERE for more information and discussions on this network vulnerability scan.