Summary
The host is running CrawlTrack and is prone to an unspecified vulnerability.
Impact
Successful exploitation will allow an attacker to execute arbitrary PHP code with the privileges of the web server.
Impact Level: Application
Solution
Upgrade to CrawlTrack version 3.2.7 or later.
For updates, refer to http://www.crawltrack.net/download.php
Insight
The flaw is caused by input validation errors in the stats pages when processing user-supplied data and parameters, which could allow remote attackers to execute arbitrary PHP code with the privileges of the web server.
Affected
CrawlTrack versions before 3.2.7
Severity
Classification
- CVE: CVE-2010-4537
- CVSS Base Score: 6.8
- CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P