Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Land Down Under < 802 events.php SQL Injection



The remote web server contains a script that is vulnerable to a SQL injection attack.


The remote host is running Land Down Under, a web-based content management system. This version of LDU is vulnerable to a script injection flaw within the 'events.php' script. An attacker exploiting this flaw would need to be able to convince a user to browse to a malicious URI. Successful exploitation would lead to script code being executed within the user's browser. In addition, the product is vulnerable to multiple SQL injection flaws. An attacker exploiting these flaws would be able to execute code within the context of the database.


Upgrade to version 802 or higher.