icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Instaboard index.cfm SQL Injection

High

Synopsis

The remote web server contains a script which is vulnerable to a SQL injection attack.

Description

The remote host is running NetPleasure's Instaboard, a web-interface designed to manage online forums. There is a vulnerability in this release which allows an attacker to perform a SQL injection attack through the CGI 'index.cfm'.

Solution

No solution is known at this time.