b2evolution index.php SQL Injection
High Nessus Network Monitor Plugin ID 2487
SynopsisThe remote web server contains a script that is vulnerable to a SQL injection attack.
DescriptionThe remote host is running b2evolution, a web-based blog engine written in PHP.
The remote version of this software is prone to a SQL injection vulnerability. This may allow an attacker to steal authentication credentials or run arbitrary code on the remote host.
SolutionNo solution is known at this time.