Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses : XSS --> Category: infos

MPC SoftWeb Guestbook database disclosure Vulnerability Scan

Vulnerability Scan Summary
Checks for mpcsoftware_guestdata.mdb

Detailed Explanation for this Vulnerability Test

The remote server is running MPCSoftwebGuestbook a set of .asp
scripts to manage an online guestbook.

This release comes with a database called 'mpcsoftware_guestdata.mdb',
usually located under /database/ which contains sensitive information,
such as the news site administrator password.

A possible hacker may use this flaw to gain unauthorized access to the
remote site and potentially edit it.

Note that this server is also vulnerable to a cross-site-scripting
attack which allows a possible hacker to have javascript code executed on
the browser of other hosts.

Solution : Prevent the download of .mdb files from your website.
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.