
BoastMachine <= 3.1 'mail.php' id Parameter SQL Injection



The remote host is vulnerable to a SQL Injection attack.


The remote host is running BoastMachine, a blogging application. This version of BoastMachine is vulnerable to a flaw in the mail.php script. Specifically, a remote user can pass arbitrary SQL commands to mail.php through the 'id' parameter, and those commands are then executed on the database server.


Upgrade to a version higher than 3.1.