Summary
This host is running Task Freak and is prone SQL Injection Vulnerability.
Impact
Successful exploitation will allow remote attackers to view, add, modify or delete information in the back-end database.
Impact Level: Application.
Solution
Upgrade to the TaskFreak version 0.6.3
http://www.taskfreak.com/download.php
Insight
The flaw exists due to the error in 'loadByKey()', which fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Affected
TaskFreak version prior to 0.6.3
References
Severity
Classification
-
CVE CVE-2010-1583 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities