Vulnerability Solutions

WatchMouse's periodic vulnerability scanning checks for the vulnerability below. To see the latest vulnerability solutions scanned by WatchMouse, go to the vulnerability solutions overview.

Category: CGI abuses Risk factor: High Added: 10 Oct 2008
Synopsis:

The remote web server contains a PHP application that is prone to a SQL injection attack.

Description:

The remote host is running OpenX (formerly Openads), an open source ad serving application written in PHP.

The installed version of OpenX does not validate user-supplied input to the 'bannerid' parameter of the 'www/delivery/ac.php' script before using it in database queries. Regardless of PHP's 'magic_quotes_gpc' setting, an unauthenticated remote attacker can leverage this issue to manipulate SQL queries and, for example, uncover sensitive information from the application's database or possibly execute arbitrary PHP code.
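
The following log check is an added example, not part of the original advisory or of OpenX: it flags requests to 'www/delivery/ac.php' whose 'bannerid' value is not a plain decimal number. It assumes that a legitimate 'bannerid' is a numeric ID and that the web server writes Apache-style access logs; the sample lines and the function name are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (Apache-style); not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Oct/2008:09:12:01 +0000] "GET /www/delivery/ac.php?bannerid=42 HTTP/1.1" 200 512
198.51.100.7 - - [10/Oct/2008:09:12:05 +0000] "GET /www/delivery/ac.php?bannerid=42%20OR%201%3D1 HTTP/1.1" 200 512
203.0.113.9 - - [10/Oct/2008:09:13:40 +0000] "GET /ads/www/delivery/ac.php?foo=3&bannerid=7%2527 HTTP/1.1" 200 498
203.0.113.9 - - [10/Oct/2008:09:14:02 +0000] "GET /www/delivery/other.php?bannerid=abc HTTP/1.1" 200 120
192.0.2.55 - - [10/Oct/2008:09:15:10 +0000] "GET /www/delivery/ac.php?bannerid=5&bannerid=x HTTP/1.1" 200 77
"""

# Assumption: the script is reached under a path ending in this suffix.
SCRIPT_SUFFIX = "/www/delivery/ac.php"
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Assumption: a legitimate bannerid is a plain decimal ID.
NUMERIC_ID = re.compile(r"[0-9]+")


def suspicious_bannerid_requests(log_text):
    """Return (client, decoded_value) for each non-numeric bannerid sent to ac.php."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, target = match.groups()
        url = urlsplit(target)
        if not url.path.endswith(SCRIPT_SUFFIX):
            continue
        # parse_qs decodes once and returns every repeated occurrence.
        for raw in parse_qs(url.query, keep_blank_values=True).get("bannerid", []):
            value = unquote(raw)  # second decode exposes double-encoded input
            if not NUMERIC_ID.fullmatch(value):
                hits.append((client, value))
    return hits


if __name__ == "__main__":
    for client, value in suspicious_bannerid_requests(SAMPLE_LOG):
        print(f"{client}\tbannerid={value!r}")
```

Only the query string is inspected, so parameters sent in a request body do not appear in this check.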

See also:

http://www.openx.org/docs/2.4/release-notes/openx-2.4.9
http://www.openx.org/docs/2.6/release-notes/openx-2.6.2
http://www.securityfocus.com/archive/1/497111/30/0/threaded

Solution:

Upgrade to OpenX version 2.4.9 / 2.6.2 or later.

Risk factor:

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
