|
Family: CGI abuses --> Category: attack
X-Cart Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks for multiple vulnerabilities in X-Cart
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application affected by several
flaws.
Description :
The remote host is running X-Cart, a PHP-based shopping cart system.
The version installed on the remote host suffers from numerous SQL
injection and cross-site scripting vulnerabilities. Attackers can
exploit the former to influence database queries,resulting possibly in
a compromise of the affected application, disclosure of sensitive
data, or even attacks against the underlying database. and
exploitation of the cross-site scripting flaws can be used to steal
cookie-based authentication credentials and perform similar attacks.
See also :
http://www.securityfocus.com/archive/1/401035/30/0/threaded
Solution :
Unknown at this time.
Threat Level:
Medium / CVSS Base Score : 5
(AV:R/AC:L/Au:NR/C:P/A:N/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|