This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.
The remote web application is vulnerable to an injection attack.
Due to a lack of input validation, the remote version of Simple PHP
Blog can be used to perform a cross-site scripting attack by
injecting arbitrary script code to the 'q' parameter of the
See also :
Upgrade to a newer version or disable this software.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.1
Public Exploit Available : true