Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: CGI abuses : XSS --> Category: attack

Noah Grey Greymatter GM-Comments.CGI HTML Injection Vulnerability Vulnerability Scan


Vulnerability Scan Summary
Checks for the version of Greymatter

Detailed Explanation for this Vulnerability Test

The remote host is running Greymatter, a web based log and journal
maintenance system implemented in Perl.


The remote version of this software is vulnerable to an HTML injection
vulnerability due to a lack of filtering on user-supplied input in the
file 'gm-comments.cgi'. A possible hacker may exploit this flaw to perform a
cross-site scripting attack against the remote host.

This software may be vulnerable to another HTLM injection vulnerability
in the file 'gm-cplog.cgi' and to a password disclosure vulnerability
in the file 'gm-token.cgi'.

Solution : None at this time.
Threat Level: Medium

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.