Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

PHPNews sendtofriend.php SQL injection Vulnerability Scan

Vulnerability Scan Summary
Makes a request to the remote host by supplying the mid paramter in the url

Detailed Explanation for this Vulnerability Test

The remote host is using PHPNews, an open source news application.
It utilizes database to store the content.

A vulnerability exists in the remote version of this software
which may allow a possible hacker to inject arbitrary SQL code and
possibly execute arbitrary code, due to improper validation of
user supplied input in the 'mid' parameter of script

Solution : Upgrade to the version 1.2.4 of this software
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.