ID de Prueba:	1.3.6.1.4.1.25623.1.0.103433
Categoría:	Web application abuses
Título:	Fork CMS < 3.2.5 Multiple Vulnerabilities - Active Check
Resumen:	Fork CMS is prone to multiple cross-site scripting (XSS); vulnerabilities and a local file include (LFI) vulnerability.
Descripción:	Summary: Fork CMS is prone to multiple cross-site scripting (XSS) vulnerabilities and a local file include (LFI) vulnerability. Vulnerability Impact: An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, and open or run arbitrary files in the context of the webserver process. Affected Software/OS: Fork CMS version 3.2.4 and probably prior. Solution: Update to version 3.2.5 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1209 XForce ISS Database: forkcms-base-xss(73393) https://exchange.xforce.ibmcloud.com/vulnerabilities/73393 Common Vulnerability Exposure (CVE) ID: CVE-2012-1208 BugTraq ID: 51972 http://www.securityfocus.com/bid/51972 http://packetstormsecurity.org/files/109709/Fork-CMS-3.2.4-Cross-Site-Scripting-Local-File-Inclusion.html http://secunia.com/advisories/47937 Common Vulnerability Exposure (CVE) ID: CVE-2012-1207 XForce ISS Database: forkcms-js-file-include(73169) https://exchange.xforce.ibmcloud.com/vulnerabilities/73169
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.