|
Family: CGI abuses --> Category: infos
phpMyFAQ Image Upload Authentication Bypass Vulnerability Scan
Vulnerability Scan Summary Check the version of phpMyFAQ
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that allows for
unauthorized file uploads.
Description :
The version of phpMyFAQ on the remote host contains a flaw that may
allow a possible hacker without authorization to upload and delete arbitrary
images on the remote host. A possible hacker may exploit this problem to
deface the remote web site.
See also :
http://www.phpmyfaq.de/advisory_2004-07-27.php
Solution :
Upgrade to phpMyFAQ 1.4.0a or newer.
Threat Level:
Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:N/A:N/I:P/B:I)
Click HERE for more information and discussions on this network vulnerability scan.
|