|
|
Family: CGI abuses --> Category: attack
Xoops Incontent Module Directory Traversal Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of Xoops Incontent module
Detailed Explanation for this Vulnerability Test
The remote host is running Xoops,a web portail written in PHP.Xoops
Incontent module is also installed.
The remote version of Incontent module is prone to a directory
traversal vulnerability in the way it handles 'url' in the file
'index.php'.
A possible hacker, exploiting this flaw, would be able to access sensitive
files on the remote host like /etc/passwd.
Solution: Incontent is no longer maintened. Upgrade to iContent.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
