Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: attack

SysCP < 1.2.11 Multiple Script Execution Vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
Checks for multiple script execution vulnerabilities in SysCP < 1.2.11

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a PHP script that is affected by remote
code execution vulnerabilities.

Description :

The remote host is running SysCP, an open-source control panel written
in PHP.

The version of SysCP installed on the remote host uses user-supplied
input to several variables in various scripts without sanitizing it.
Provided PHP's 'register_globals' setting is enabled, a possible hacker can
exploit these flaws to pass arbitrary PHP code to the application's
internal template engine for execution or to affect the application's
use of include files.

See also :

Solution :

Upgrade to SysCP version 1.2.11 or later.

Threat Level:

High / CVSS Base Score : 7

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.