Vulnerability   
Search   
    Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.14363
Category:CGI abuses
Title:INL ulog-php SQL injection
Summary:NOSUMMARY
Description:Description:

The remote host is running ulog-php, a firewall log analysis interface
written in PHP.

There is a SQL injection vulnerability in the remote interface, in the
file port.php, which may allow an attacker to insert arbitrary SQL statements
in the remote database. An attacker may exploit this flaw to add bogus
statements in the remote log database, or to remove arbitrary log entries
from the database, thus cleaning his tracks.

Solution : Upgrade to ulog-php 0.8.2 or newer
Risk factor: High

Cross-Ref: BugTraq ID: 11018
CopyrightThis script is Copyright (C) 2004 Tenable Network Security

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.