|
Family: CGI abuses --> Category: infos
PD9 MegaBBS multiple vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of MegaBBS
Detailed Explanation for this Vulnerability Test
The remote host is running MegaBBS, a web-based bulletin board system written
in ASP.
The remote version of this software is vulnerable to a SQL injection attack
due to a lack of sanitization of user-supplied input. A possible hacker may exploit
this flaw to issue arbitrary statements in the remote database, and therefore
bypass authorization or even overwrite arbitrary files on the remote system.
Solution : Upgrade to the latest version of this software (greater than 2.1)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|