The remote host is running Tutos, an open-source team organization software package written in PHP. The remote version of this software is vulnerable to multiple input validation flaws which may allow an authenticated user to perform a cross site scripting attack, path disclosure attack or a SQL injection against the remote service.

Upgrade to Tutos-1.1.20040412 or newer