Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

SEO-Board < 1.03 admin.php user_pass_sha1 Cookie SQL Injection

High

Synopsis

The remote web server contains a script that is vulnerable to a SQL injection attack.

Description

The remote host is running SEO-Board, a web forum written in PHP. This version of SEO-Board is vulnerable to a flaw in the way that it handles malformed data. An attacker exploiting this flaw would be able to inject arbitrary system commands into SQL statements.

Solution

Upgrade to version 1.03 or higher.