Multiple Vulnerabilities In PHP TopSites Network Vulnerability

Summary

The remote host is running PHP TopSites, a PHP/MySQL-based customizable TopList script. There is a vulnerability in this software which allows an attacker to access the admin/setup interface without authentication.

Solution

Limit access to admin directory using, eg, .htaccess.

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

@Mail 'admin.php' Cross-Site Scripting Vulnerabilities
/cgi-bin directory browsable ?
Apache Tomcat TroubleShooter Servlet Installed
An Image Gallery Multiple Cross-Site Scripting Vulnerability
AlienForm CGI script

Multiple vulnerabilities in PHP TopSites

Take action and discover your vulnerabilities