Summary
The remote web server contains a PHP script which is vulnerable to a cross site scripting and SQL injection issue.
Description :
Basit cms 1.0 has a cross site scripting bug. An attacker may use it to perform a cross site scripting attack on this host.
In addition to this, it is vulnerable to a SQL insertion attack which may allow an attacker to get the control of your database.
Solution
Upgrade to a newer version.
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities
- Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
- Apache Continuum Cross Site Scripting Vulnerability
- Annuaire PHP 'sites_inscription.php' Cross Site Scripting Vulnerability
- Apache Open For Business HTML injection vulnerability