ID de Prueba:	1.3.6.1.4.1.25623.1.0.800788
Categoría:	Web application abuses
Título:	TaskFreak! < 0.6.4 Multiple Vulnerabilities
Resumen:	TaskFreak! is prone to multiple vulnerabilities.
Descripción:	Summary: TaskFreak! is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2010-1520: Cross-site scripting (XSS) in logout.php - CVE-2010-1521: SQL injection (SQLi) in include/classes/tzn_user.php Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary HTML and script code and manipulate SQL queries by injecting arbitrary SQL code in a user's browser session in the context of an affected site. Affected Software/OS: TaskFreak! prior to version 0.6.4. Solution: Update to version 0.6.4 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1520 BugTraq ID: 41221 http://www.securityfocus.com/bid/41221 Bugtraq: 20100629 Secunia Research: TaskFreak "tznMessage" Cross-Site Scripting Vulnerability (Google Search) http://www.securityfocus.com/archive/1/512078/100/0/threaded http://secunia.com/secunia_research/2010-78/ http://osvdb.org/65846 http://secunia.com/advisories/40025 Common Vulnerability Exposure (CVE) ID: CVE-2010-1521 BugTraq ID: 41218 http://www.securityfocus.com/bid/41218 Bugtraq: 20100629 Secunia Research: TaskFreak "password" SQL Injection Vulnerability (Google Search) http://www.securityfocus.com/archive/1/512077/100/0/threaded http://secunia.com/secunia_research/2010-79/ http://osvdb.org/65847
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.