How to Buy
This script is Copyright (C) 2003-2011 Tenable Network Security, Inc.
The web server module on the remote host has a SQL injection
According to the banner, the remote host is using a vulnerable
version of mod_survey, a Perl module for managing online surveys.
This version has a flaw that could result in a SQL injection attack
when the module is being used with a database backend. A remote
attacker could exploit this to take control of the database.
Upgrade to mod_survey 3.0.14e / 3.0.15pre6 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 11609 ()
Bugtraq ID: 7192
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.