Test Kennung:	1.3.6.1.4.1.25623.1.0.52101
Kategorie:	CGI abuses
Titel:	CoolForum XSS and SQL injection
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is running a version of CoolForum vulnerable to multiple attacks as a result of insufficiently sanitized user input. The attacks include both SQL injection attacks as well as cross site scripting attacks. Versions up to and including 0.8 are known to be vulnerable. Solution : Upgrade to 0.8.1 or later. Risk factor : Critical CVSS Score: 10.0
Querverweis:	BugTraq ID: 12852 Common Vulnerability Exposure (CVE) ID: CVE-2005-0855 Bugtraq: 20050320 -==CoolForum Path Disclosure & Possible SQL Injection==- (Google Search) http://seclists.org/lists/bugtraq/2005/Mar/0358.html http://securitytracker.com/id?1013474 Common Vulnerability Exposure (CVE) ID: CVE-2005-0856 Common Vulnerability Exposure (CVE) ID: CVE-2005-0857 http://www.securityfocus.com/bid/12852 XForce ISS Database: coolforum-avatar-xss(19758) https://exchange.xforce.ibmcloud.com/vulnerabilities/19758 Common Vulnerability Exposure (CVE) ID: CVE-2005-0858 XForce ISS Database: coolforum-adminentete-sql-injection(19759) https://exchange.xforce.ibmcloud.com/vulnerabilities/19759 XForce ISS Database: coolforum-register-sql-injection(19761) https://exchange.xforce.ibmcloud.com/vulnerabilities/19761
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.