phpMyBackupPro < 1.0.0 Unspecified Input Validation Issues

high Nessus Plugin ID 14787

Synopsis

A remote web application is affected by several vulnerabilities.

Description

The remote host seems to be using phpMyBackupPro.

It is reported that the remote version of this software is prone to multiple security weaknesses regarding user input validation.

An attacker may use these issues to gain access to the application or to access the underlying database.

Solution

Upgrade to version 1.0.0 of this software.

Plugin Details

Severity: High

ID: 14787

File Name: phpmybackpro_multiple_flaws.nasl

Version: 1.15

Type: remote

Family: CGI abuses

Published: 9/21/2004

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:phpmybackuppro:phpmybackuppro

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 8/30/2004

Reference Information

BID: 11103