Family: CGI abuses --> Category: attack
SysCP < 1.2.11 Multiple Script Execution Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple script execution vulnerabilities in SysCP < 1.2.11
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP script that is affected by remote
code execution vulnerabilities.
The remote host is running SysCP, an open-source control panel written
The version of SysCP installed on the remote host uses user-supplied
input to several variables in various scripts without sanitizing it.
Provided PHP's 'register_globals' setting is enabled, a possible hacker can
exploit these flaws to pass arbitrary PHP code to the application's
internal template engine for execution or to affect the application's
use of include files.
See also :
Upgrade to SysCP version 1.2.11 or later.
High / CVSS Base Score : 7
Click HERE for more information and discussions on this network vulnerability scan.