|
Family: CGI abuses --> Category: infos
Multiple vulnerabilities in PHP TopSites Vulnerability Scan
Vulnerability Scan Summary Tries to access setup.php without authentication
Detailed Explanation for this Vulnerability Test
The remote host is running PHP TopSites, a PHP/MySQL-based
customizable TopList script.
There is a vulnerability in this software which allows a possible hacker to
access the admin/setup interface without authentication.
See also : http://exploitlabs.com/files/advisories/EXPL-A-2005-012-PHPTopSites.txt
Solution : Limit access to admin directory using, eg, .htaccess.
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|