|
Family: CGI abuses : XSS --> Category: attack
myguestbk admin access Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of admin/index.asp
Detailed Explanation for this Vulnerability Test
The remote host is hosting myGuestBook.
This installation comes with an administrative file
in myguestBk/admin/index.asp which lets any user
delete old entries.
In addition to this, this CGI is vulnerable to a cross-site-scripting
attack.
Solution : Restrict access to admin/index.asp
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|