Family: CGI abuses --> Category: mixed
PHP-Fusion < 6.00.110 Multiple SQL Injection Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for SQL injection in PHP-Fusion's register.php
Detailed Explanation for this Vulnerability Test
The remote host contains several PHP scripts that are vulnerable to
SQL injection flaws.
The remote version of this software is vulnerable to multiple SQL
injection attacks due to its failure to properly sanitize certain
parameters. Provided PHP's 'magic_quotes_gpc' setting is disabled,
these flaws allow a possible hacker to manipulate database queries, which
may result in the disclosure or modification of data.
See also :
Update to at least version 6.00.110 of PHP-Fusion.
Low / CVSS Base Score : 3
Click HERE for more information and discussions on this network vulnerability scan.