Summary
This host is installed with Joomla! component ajax shoutbox and is prone to sql injection vulnerability.
Impact
Successful exploitation will allow attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
Impact Level: Application
Solution
Upgrade to Joomla AJAX Shoutbox version 1.7 or later, For updates refer to http://batjo.nl/shoutbox
Insight
The flaw is due to insufficient validation of 'jal_lastID' HTTP GET parameter passed to 'index.php' script.
Affected
Joomla AJAX Shoutbox version 1.6 and probably earlier.
Detection
Send a crafted exploit string via HTTP GET request and check whether it is possible to execute sql query or not.
References