Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: attack

Kayako LiveResponse Multiple Input Validation Vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
Checks for multiple input validation vulnerabilities in Kayako LiveResponse

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a PHP script that is affected by a
variety of flaws.

Description :

The remote host is running Kayako LiveResponse, a web-based live
support system.

The installed version of Kayako LiveResponse on the remote host fails
to sanitize user-supplied input to many parameters / scripts, which
makes the application vulnerable to SQL injection and cross-site
scripting attacks. In addition, the application embeds passwords in
plaintext as part of GET requests and will reveal its installation
directory in response to direct calls to several scripts.

See also :

Solution :

Unknown at this time.

Threat Level:

Medium / CVSS Base Score : 4.7

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.