|
Family: CGI abuses --> Category: attack
PHPWind Board Remote File Include Vulnerability Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of PHPWind Board.
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP script that allows for arbitrary
code execution.
Description :
The remote host is running PHPWind Board, a web based bulletin board.
There is a flaw in older versions of this software in the file
'faq.php' which may allow a possible hacker to gain a shell on this host.
See also :
http://www.54hack.info/txt/phpwind.doc
Solution:
Upgrade to PHPwind 2.0.2 or later.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|