Summary
This host is running cahelogic expired domains script and is prone multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary HTML and script code and manipulate SQL queries by injecting arbitrary SQL code in a user's browser session in context of an affected site.
Impact Level: Application.
Solution
Apply the patch from below link,
http://code.google.com/p/eventh/downloads/list
Insight
Multiple flaws are due to,
- An error in 'stats.php' when handling the 'name' and 'ext' parameters.
- A full path disclosure vulnerability in 'index.php' when handling various parameters.
- A SQL injection vulnerability in 'index.php' when handling 'ncharacter' parameter.
Affected
Cachelogic Expired Domains Script version 1.0
References