ID de Prueba:	1.3.6.1.4.1.25623.1.0.15778
Categoría:	CGI abuses
Título:	Invision Power Board Post SQL Injection Vulnerability
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is running Invision Power Board - a CGI suite designed to set up a bulletin board system on the remote web server. There is a vulnerability has been discovered in the remote version of this software, which may allow unauthorized users to inject SQL commands in the remote SQL database. An attacker may use this flaw to gain the control of the remote database and possibly to overwrite files on the remote host. Solution : Upgrade to the latest version of this software Risk factor : High
Referencia Cruzada:	BugTraq ID: 11703 Common Vulnerability Exposure (CVE) ID: CVE-2004-1531 http://www.securityfocus.com/bid/11703 Bugtraq: 20041118 [MaxPatrol] SQL-injection in Invision Power Board 2.x (Google Search) http://marc.info/?l=bugtraq&m=110079592702417&w=2 Bugtraq: 20050425 SQL-injections in Invision Power Board v2.0.1 (Google Search) http://marc.info/?l=bugtraq&m=111454805209191&w=2 Bugtraq: 20050427 Re: SQL-injections in Invision Power Board v2.0.1 (Google Search) http://marc.info/?l=bugtraq&m=111462421824202&w=2 http://secunia.com/advisories/13245 XForce ISS Database: invisionpowerboard-sql-injection(18164) https://exchange.xforce.ibmcloud.com/vulnerabilities/18164
Copyright	This script is Copyright (C) 2004 Tenable Network Security

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.