The remote host is running Beanwebb's Guestbook.
This set of CGI has two vulnerabilities :
- Anyone can access the admin page (admin.php)
- It is vulnerable to cross site scripting attacks (in add.php)
An attacker may use these flaws to steal the cookies of your users
or to inject fake information in the guestbook.
Solution : Delete this package
Risk factor : Low
BugTraq ID: 7231|
BugTraq ID: 7232
|Copyright||This script is Copyright (C) 2003 Renaud Deraison|
|This is only one of 93608 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.