Summary
The remote host is running PHP TopSites, a PHP/MySQL-based customizable TopList script.
There is a vulnerability in this software which allows an attacker to access the admin/setup interface without authentication.
Solution
Limit access to admin directory using, eg, .htaccess.
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Web Server ETag Header Information Disclosure Weakness
- An Image Gallery Multiple Cross-Site Scripting Vulnerability
- appRain CMF 'uploadify.php' Remote Arbitrary File Upload Vulnerability
- Apache Solr Directory Traversal Vulnerability Jan-14
- 1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability