|
|
Family: CGI abuses : XSS --> Category: infos
php < 4.3.8 Vulnerability Scan
Vulnerability Scan Summary
Checks for version of PHP
Detailed Explanation for this Vulnerability Test
The remote host is running a version of PHP 4.3 which is older or equal to
4.3.7.
PHP is a scripting language which acts as a module for Apache or as a standalone
interpreter. There is a bug in the remote version of this software which may
allow a possible hacker to execute arbitrary code on the remote host if the option
memory_limit is set. Another bug in the function strip_tags() may allow
a possible hacker to bypass content-restrictions when submitting data and may
lead to cross-site-scripting issues.
Solution : Upgrade to PHP 4.3.8
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
