Summary
The remote host is running Advanced Guestbook - a guestbook written in PHP.
The remote version of this software contains an input validation flaw leading to a SQL injection vulnerability. An attacker may exploit this flaw to execute arbirtrary commands against the remote database.
Solution
Upgrade to the newest version of this software
Severity
Classification
-
CVE CVE-2005-1548 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- AV Arcade 'ava_code' Cookie Parameter SQL Injection Vulnerability
- Apache Struts2 Showcase Skill Name Remote Code Execution Vulnerability
- ActualAnalyzer Lite 'ant' Cookie Parameter Remote Command Execution Vulnerability
- Allegro RomPager `Misfortune Cookie` Vulnerability
- ASP-Dev XM Event Diary Multiple Vulnerabilities