Summary
The remote host is running 'Invision Power Top Site List', a site ranking script written in PHP.
There is a SQL injection vulnerability in this CGI suite, due to a lack of user-input sanitizing, which may allow an attacker to execute arbitrary SQL commands on this host, and therefore gain the control of the database of this site.
Solution
Upgrade to the latest version of this CGI suite
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Windows)
- Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Windows)
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Windows
- Adobe AIR Multiple Vulnerabilities-01 Dec13 (Windows)
- Adobe Acrobat Multiple Vulnerabilities - Mac OS X