Nessus Plugin #12648
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
SQL Disclosure in Invision Power Board
- Family:
- CGI abuses
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2004 Noam Rathaus
- Summary:
- Detect IPB SQL Disclosure
- Version:
- $Revision: 1.1 $
- Cve_id:
- -
- Bugtraq_id:
- -
- Xrefs:
- -
- Description:
There is a vulnerability in the current version of Invision Power Board
that allows an attacker to reveal the SQL queries used by the product, and
any page that was built by the administrator using the IPB's interface,
simply by appending the variable 'debug' to the request.
Solution : Upgrade to the newest version of this software
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.