Summary
The remote host is running ASPJar's GuestBook, a guestbook application written in ASP.
The remote version of this software is vulnerable to a SQL injection vulnerability which allows a remote attacker to execute arbitrary SQL statements against the remote DB.
It is also vulnerable to an input validation vulnerability which may allow an attacker to perform a cross site scripting attack using the remote host.
Solution
Delete this application.
Severity
Classification
-
CVE CVE-2005-0423 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
- Apache Rave User Information Disclosure Vulnerability
- Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
- Adiscon LogAnalyzer 'highlight' Parameter Cross Site Scripting Vulnerability
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities