Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

b2evolution index.php SQL Injection

High

Synopsis

The remote web server contains a script that is vulnerable to a SQL injection attack.

Description

The remote host is running b2evolution, a web-based blog engine written in PHP. The remote version of this software is prone to a SQL injection vulnerability. This may allow an attacker to steal authentication credentials or run arbitrary code on the remote host.

Solution

No solution is known at this time.