All Enthusiast ReviewPost PHP Pro < 2.5.2 Multiple Input Validation Vulnerabilities
High Nessus Network Monitor Plugin ID 2486
SynopsisThe remote host is vulnerable to a SQL Injection attack.
DescriptionThe remote host is running All Enthusiast ReviewPost, a web-based bulletin board written in PHP.
The remote version of this software is prone to multiple input validation vulnerabilities. This may allow an attacker to steal authentication credentials, inject SQL data or run arbitrary scripts.
SolutionUpgrade to version 2.5.2 or higher.