Family: CGI abuses : XSS --> Category: infos
ScozBook flaws Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of view.php
Detailed Explanation for this Vulnerability Test
The remote host is running ScozBook
This set of CGI has two vulnerabilities :
- It is vulnerable to cross site scripting attacks (in add.php)
- If the user requests the file view.php, he will obtain
the physical path of the remote CGI
A possible hacker may use these flaws to steal the cookies of your users
or to gain better knowledge about this host.
Solution : Delete this package
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.