|
Family: CGI abuses --> Category: attack
Webchat code injection Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of Webchat's defines.php
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that is affected by a
remote code inclusion flaw.
Description :
The version of Webchat installed on the remote host allows a possible hacker
to read local files or execute PHP code, possibly taken from third-
party sites, subject to the permissions of the web server user id.
See also :
http://www.securityfocus.com/archive/1/313606
Solution :
Contact the vendor for a patch or remove the application.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|