Family: CGI abuses --> Category: attack
SGallery idimage SQL Injection Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of an SQL injection in idimage parameter
Detailed Explanation for this Vulnerability Test
The remote host is running SGallery, a module for PHP-Nuke.
A critical SQL injection in the remote version of this module has been
found, this vulnerability allows a remote attacker via the 'idimage'
variable to inject arbitrary SQL statements in the remote SQL database.
Solution : Upgrade to the latest version of this software.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.