The host is running SourceBan and is prone to multiple vulnerabilities.

Successful exploitation will allow attacker to perform SQL injection attack or directory traversal attacks and gain sensitive information. Impact Level: Application

Upgrade to version 1.4.9 or later, For updates refer to http://www.sourcebans.net

Multiple flaws are due to improper validation of input passed via the parameter 'xajax' to index.php script before being used in SQL queries. Which can be exploited to read and delete an arbitrary file.

SourceBans versions 1.4.8 and prior.

• http://packetstormsecurity.org/files/107589/sourcebans-lfisql.txt
• http://secunia.com/advisories/47080
• http://www.exploit-db.com/exploits/18215/
• http://xforce.iss.net/xforce/xfdb/71669
• http://xforce.iss.net/xforce/xfdb/71670

---

Updated on 2015-03-25