Summary
The remote host could be vulnerable to SQL Injection, because you are probably running ReviewPost PHP Pro, a web-based software that manage users opinions.
There is a flaw in this software which may allow a malicious attacker to inject arbitrary SQL queries which allows it to fetch data from the database.
Solution
Download the vendor supplied patch at
http://www.photopost.com/members/forum/showthread.php?s=&threadid=98098
Severity
Classification
-
CVE CVE-2004-2175 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- ArticleSetup Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
- Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
- Assesi 'bg' Parameter SQL Injection vulnerability
- AlienVault OSSIM 'date_from' Parameter Multiple SQL Injection Vulnerabilities
- AIOCP 'cp_html2xhtmlbasic.php' Remote File Inclusion Vulnerability