Family: CGI abuses --> Category: infos
bBlog SQL injection flaw Vulnerability Scan
Vulnerability Scan Summary: Check bBlog version
Detailed Explanation for this Vulnerability Test
The remote server runs a version of bBlog, a blogging system written in PHP
and released under the GPL, which is as old as or older than version 0.7.4.
The remote version of this software is vulnerable to SQL injection
attacks in the script 'rss.php'. This issue is due to a failure
of the application to properly sanitize user-supplied input.
An attacker may use this flaw to execute arbitrary PHP code on this
host or to take control of the remote database.
Solution: Upgrade to version 0.7.4 or newer.
Threat Level: High