Summary
The remote web server contains a PHP script that is prone to SQL injection attacks.
Description :
The remote host is running the phpWebThings application framework.
The version of phpWebThings installed on the remote host does not properly sanitize user input in the 'forum' and 'msg' parameters of 'forum.php' script before using it in database queries. An attacker can exploit this vulnerability to display the usernames and passwords (md5 hash) from the website and then use this information to gain administrative access to the affected application.
Solution
Apply the phpWebthings 1.4 forum patch referenced in the third URL above.
References
Severity
Classification
-
CVE CVE-2005-3585, CVE-2005-4218 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution
- Adobe ColdFusion Multiple Vulnerabilities-01 May-2014
- AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
- ARRIS 2307 Unprotected Web Console
- admin.cgi overflow