Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: attack

PHProjekt Unspecified Authentication Bypass Vulnerability Vulnerability Scan

Vulnerability Scan Summary
Uses a form-POST method to enter the configuration page

Detailed Explanation for this Vulnerability Test

The remote host is running PHProjekt, open-source PHP Groupware
package. It runs on most Linux and Unix variants, in addition
to Microsoft Windows operating systems.

An unspecified authentication bypass vulnerability is present in the
'setup.php' source file and may be exploited by a remote attacker to gain
access to the 'setup.php' file without requiring authentication. The
'setup.php' file may then be employed to make administrative
configuration changes to the PHPProjekt website.

Solution : Upgrade setup.php to the fixed version - setup.php,v 1.3
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.