|
Family: CGI abuses --> Category: attack
inserter.cgi File Inclusion and Command Execution Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of a file inclusion vulnerability
Detailed Explanation for this Vulnerability Test
The remote web server contains the 'inserter' CGI.
The inserter.cgi contains a vulnerability that allows remote attackers to cause
the CGI to execute arbitrary commands with the rights of the web server
by supplying it with a piped instruction or to include arbitrary files by
providing an absolute path to the location of the file.
Solution : Delete this file
Risk factor: High
Click HERE for more information and discussions on this network vulnerability scan.
|