Summary
The host is running CrawlTrack and is prone to an unspecified vulnerability.
Impact
Successful exploitation will allow an attacker to execute arbitrary PHP code with the privileges of the web server.
Impact Level: Application
Solution
Upgrade to CrawlTrack version 3.2.7 or later.
For updates, refer to http://www.crawltrack.net/download.php
Insight
The flaw is caused by input validation errors in the stats pages when processing user-supplied data and parameters, which could allow remote attackers to execute arbitrary PHP code with the privileges of the web server.
Affected
CrawlTrack versions before 3.2.7
References
Severity
Classification
- CVE: CVE-2010-4537
- CVSS Base Score: 6.8
- CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P