|
|
Family: CGI abuses --> Category: infos
PHPCatalog SQL injection Vulnerability Scan
Vulnerability Scan Summary
SQL Injection
Detailed Explanation for this Vulnerability Test
The remote host appears to be running PHPCatalog, a CGI suite
to handle on-line catalogues.
There is a flaw in the remote software which may allow anyone
to inject arbitrary SQL commands, which may in turn be used to
gain administrative access on the remote host.
Solution : Upgrade to PHPCatalog 2.6.10 or newer
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
