Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Invision Power Board Dragoran Forum < 1.4 index.php site Parameter SQL Injection

High

Synopsis

The remote host is vulnerable to a SQL Injection attack.

Description

The remote host is running the Dragoran Forum, a PHP-based web portal. This version of Dragoran is vulnerable to a SQL Injection flaw. An attacker exploiting this flaw would be able to execute arbitrary SQL commands on the Dragoran backend database server.

Solution

Upgrade to version 1.4 or higher.