mod_survey < 3.0.14e / 3.0.15pre6 ENV tags SQL Injection
Medium Nessus Network Monitor Plugin ID 1534
SynopsisThe remote web server contains a script which is vulnerable to a SQL injection attack.
DescriptionThe remote host is using mod_survey, a perl add-on to manage online surveys. There is a flaw in the remote installation of mod_survey which makes it vulnerable to SQL injection attacks when a database backend is being used. An attacker may use this flaw to gain control of your database.
SolutionUpgrade to mod_survey 3.0.14e or 3.0.15pre6 or higher.