|
Family: CGI abuses --> Category: infos
WowBB view_user.php SQL Injection Flaw Vulnerability Scan
Vulnerability Scan Summary Checks for SQL injection flaw in wowBB
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP script that is affected by
a SQL injection flaw.
Description :
The remote host is running WowBB, a web-based forum written in PHP.
The remote version of this software is vulnerable to SQL injection
attacks through the script 'view_user.php'. A malicious user can
exploit this issue to manipulate database queries, resulting in
disclosure of sensitive information, attacks against the underlying
database, and the like.
See also :
http://www.securityfocus.com/archive/1/399637
Solution:
Unknown at this time.
Threat Level:
Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)
Click HERE for more information and discussions on this network vulnerability scan.
|