|
|
Family: CGI abuses --> Category: attack
@lex guestbook remote file include Vulnerability Scan
Vulnerability Scan Summary
Checks for @lex guestbook
Detailed Explanation for this Vulnerability Test
The remote host seems to be running @lex guestbook, a guestbook web application
written in PHP.
This version is prone to a vulnerability that may permit remote attackers,
without prior authentication, to include and execute malicious PHP scripts.
Remote users may influence URI variables to include a malicious PHP script
on a remote system, it is possible to cause arbitrary PHP code to be executed.
Solution : Update to the newest version of this software
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
