|
Family: CGI abuses --> Category: infos
PT News Unauthorized Administrative Access Vulnerability Scan
Vulnerability Scan Summary Determine if PTNews grants administrative access to everyone
Detailed Explanation for this Vulnerability Test
The remote host is using the PT News management system.
There is a flaw in this version which allows anyone to execute
arbitrary admnistrative PTnews command on this host (such as deleting
news or editing a news) without having to know the administrator
password.
A possible hacker may use this flaw to edit the content of this website
or even to delete it completely.
Solution : Upgrade to PT News 1.7.8 or newer
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|