|
Family: CGI abuses --> Category: infos
SimpGB Guestbook.PHP SQL Injection Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for SQL injection in SimpGB
Detailed Explanation for this Vulnerability Test
The remote host is running SimpGB, a web-based guestbook application.
This version of SimpGB is vulnerable to a remote SQL injection flaw.
A possible hacker, exploiting this flaw, would only need to be able to send
a malformed query to the 'quote' parameter of the 'guestbook.php'
application.
A successful exploit would give the attacker the ability to read or
write confidential data as well as potentially execute arbitrary
commands on the remote web server.
Solution : Upgrade to version 1.35 or later.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|