icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

MercuryBoard < 1.1.2 Multiple Vulnerabilities

High

Synopsis

The remote web server contains a script that is vulnerable to a SQL injection attack.

Description

The remote host is running MercuryBoard, a web-based message board. This version of MercuryBoard is vulnerable to multiple vulnerabilities that include: cross-site scripting (XSS), SQL Injection, and path disclosure. An attacker exploiting these flaws would be able to elevate privileges and/or execute code.

Solution

Upgrade to version 1.1.2 or higher.