|
Family: CGI abuses --> Category: attack
e107 <= 0.617 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks for multiple vulnerabilities in e107 <= 0.617
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that suffers from
multiple flaws.
Description :
The version of e107 installed on the remote host contains a large
number vulnerabilities, including global variable updates, remote file
includes, directory traversal, information disclosure, cross-site
scripting, and SQL injection vulnerabilities.
See also :
http://e107.org/e107_tests/bugtracker2/bugtracker2.php?0.bug.558 (no long valid?)
http://www.securityfocus.com/archive/1/402469/30/0/threaded
http://www.milw0rm.com/id.php?id=1106
http://www.securityfocus.com/archive/1/407582
Solution :
Upgrade to e107 7.0 when it becomes available.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|