Family: CGI abuses --> Category: attack
Land Down Under / Seditio id parameter SQL Injection Vulnerability Scan
Vulnerability Scan Summary
Checks for SQL injection vulnerability in Land Down Under / Seditio
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP script that is affected by a SQL
The remote version of Land Down Under or Seditio fails to sanitize
input to the 'id' parameter of the 'polls.php' script before using it
in a database query. Provided PHP's 'magic_quotes_gpc' setting is
disabled, an unauthenticated attacker may be able to leverage this
issue to uncover sensitive information (such as password hashes),
modify existing data, or launch attacks against the underlying
See also:
Unknown at this time.
Medium / CVSS Base Score: 5.6