ID de Prueba:	1.3.6.1.4.1.25623.1.0.52101
Categoría:	CGI abuses
Título:	CoolForum XSS and SQL injection
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is running a version of CoolForum vulnerable to multiple attacks as a result of insufficiently sanitized user input. The attacks include both SQL injection attacks as well as cross site scripting attacks. Versions up to and including 0.8 are known to be vulnerable. Solution : Upgrade to 0.8.1 or later. Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	BugTraq ID: 12852 Common Vulnerability Exposure (CVE) ID: CVE-2005-0855 Bugtraq: 20050320 -==CoolForum Path Disclosure & Possible SQL Injection==- (Google Search) http://seclists.org/lists/bugtraq/2005/Mar/0358.html http://securitytracker.com/id?1013474 Common Vulnerability Exposure (CVE) ID: CVE-2005-0856 Common Vulnerability Exposure (CVE) ID: CVE-2005-0857 http://www.securityfocus.com/bid/12852 XForce ISS Database: coolforum-avatar-xss(19758) https://exchange.xforce.ibmcloud.com/vulnerabilities/19758 Common Vulnerability Exposure (CVE) ID: CVE-2005-0858 XForce ISS Database: coolforum-adminentete-sql-injection(19759) https://exchange.xforce.ibmcloud.com/vulnerabilities/19759 XForce ISS Database: coolforum-register-sql-injection(19761) https://exchange.xforce.ibmcloud.com/vulnerabilities/19761
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.