Family: CGI abuses --> Category: attack
PostNuke < 0.762 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for admin access bypass issue in PostNuke
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP application that suffers from
The installed version of PostNuke allows an unauthenticated attacker
to gain administrative access to select modules through a simple GET
request. Additionally, it may be prone to various SQL injection
injection or cross-site scripting attacks as well as unspecified
attacks through the Languages module.
See also :
Upgrade to PostNuke 0.762 or later.
Medium / CVSS Base Score : 5.6
Click HERE for more information and discussions on this network vulnerability scan.