Family: CGI abuses --> Category: attack
Geeklog < 1.3.11sr4 / 1.4.0sr1 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary :
Checks for multiple vulnerabilities in Geeklog < 1.3.11sr4 / 1.4.0sr1
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that is affected by
multiple flaws.
Description :
The remote host is running Geeklog, an open-source weblog powered by
PHP and MySQL.
The installed version of Geeklog suffers from a number of SQL
injection and local file flaws due to a failure of the application to
sanitize user-supplied input.
See also :
http://www.gulftech.org/?node=research&article_id=00102-02192006
http://www.geeklog.net/article.php/geeklog-1.4.0sr1
Solution :
Upgrade to Geeklog version 1.3.11sr4 / 1.4.0sr1 or later.
Threat Level:
High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)