Nessus Plugin #16086
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
IBProArcade index.php SQL Injection
- Family:
- CGI abuses
- Category:
- attack
- Copyright:
- This script is Copyright (C) 2004 Ami Chayun
- Summary:
- Checks for the presence of an SQL injection in index.php
- Version:
- $Revision: 1.1 $
- Cve_id:
- -
- Bugtraq_id:
- 12138
- Xrefs:
- -
- Description:
The remote host is running ibProArcade a web based score board system written
in PHP.
One of the application's CGIs, index.php, is vulnerable to an SQL injection
vulnerability in the 'gameid' parameter. An attacker may exploit this flaw to
execute arbitrary SQL statements against the remote database.
Solution : Upgrade to the newest version of this program
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.