Summary
The remoet web server contains a PHP script which is vulnerable to a cross site scripting issue
Description :
The remote host is using Aztek Forum, a web forum written in PHP.
A vulnerability exists the remote version of this software - more specifically in the script 'forum_2.php', which may allow an attacker to set up a cross site scripting attack using the remote host.
Solution
Upgrade to the latest version of this software
Severity
Classification
-
CVE CVE-2004-2725 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
- 7Media Web Solutions EduTrac Directory Traversal Vulnerability
- Apache Rave User Information Disclosure Vulnerability
- Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities
- Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities