Family: CGI abuses --> Category: attack
Webfroot shoutbox file inclusion Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of shoutbox.php
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP application that is affected by
directory traversal and code injection vulnerabilities.
The remote host is running Webfroot Shoutbox, a PHP application that
allows website visitors to leave one another messages.
The version of Webfroot Shoutbox installed on the remote host allows
a possible hacker to read arbitrary files and possibly to inject arbitrary
PHP code into the remote host and gain a shell with the rights of
the web server.
See also :
Upgrade to the Shoutbox 2.35 or later.
High / CVSS Base Score : 7
Click HERE for more information and discussions on this network vulnerability scan.