This host is installed with Assesi and is prone to SQL injection vulnerability.
Successful exploitation will allow attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. Impact Level: Application
No Solution or patch is available as of 18th June, 2014. Information regarding this issue will updated once the solution details are available. For updates refer to http://assesi.com.br
Flaw is due to the vereadores.php script not properly sanitizing user-supplied input to the 'bg' parameter.
Send a crafted exploit string via HTTP GET request and check whether it is possible to execute sql query or not.