Family: CGI abuses : XSS --> Category: infos
Simple File Manager Filename Script Injection Vulnerability Scan
Vulnerability Scan Summary: Checks for the version of fm.php
Detailed Explanation for this Vulnerability Test
The remote Simple File Manager CGI (fm.php) does not properly validate
the names of directories entered and created by the user.
As a result, a user could carry out a cross-site scripting attack
against this host.
Solution: Upgrade to SFM 0.21 or newer
Threat Level: Medium