JGSvulns.txt

2005-08-14T00:00:00
ID PACKETSTORM:39270
Type packetstorm
Reporter security-project.org
Modified 2005-08-14T00:00:00

Description

                                        
                                            `  
  
[SePro Bugtraq] WBB Portal - JGS-Portal <= 3.0.2 - Multiple Vulnerabilities (09.05.05)  
  
Vendor: JGS-XA  
URL: http://www.jgs-xa.de/  
Version: <= 3.0.2  
Type: SQL-Injections, XSS and Full Path Disclosures  
  
Discovered by deluxe89 and the Security-Project Team  
  
  
  
Description:  
-------------------------  
The JGS-Portal is a high customisable Portal for the Woltlab Burning Board.  
  
  
  
  
SQL-Injections:  
-------------------------  
/jgs_portal.php?anzahl_beitraege=[SQL-Injection]  
/jgs_portal_statistik.php?meinaction=mitglieder&month=1&year=1[SQL-Injection]  
/jgs_portal_statistik.php?meinaction=themen&month=1&year=1[SQL-Injection]  
/jgs_portal_statistik.php?meinaction=beitrag&month=1&year=1[SQL-Injection]  
/jgs_portal_beitraggraf.php?month=1&year=1[SQL-Injection]  
/jgs_portal_viewsgraf.php?jahr=1&monat=1&tag=1[SQL-Injection]  
/jgs_portal_themengraf.php?month=1&year=1[SQL-Injection]  
/jgs_portal_mitgraf.php?month=1&year=1[SQL-Injection]  
/jgs_portal_sponsor.php?id=[SQL-Injection]  
  
/jgs_portal_log.php  
"Accept-Language"-Header SQL-Injection, the first two chars  
  
JGS-Portal Version <= 3.0.1 SQL-Injection Vulnerability:  
/jgs_portal_box.php?id=[SQL-Injection]  
  
Many SQL-Injections are exploitable.  
  
  
  
Cross Site Scripting:  
-------------------------  
You can abuse the SQL-Injections for XSS attacks.  
  
  
  
  
Full Path Disclosures:  
-------------------------  
/jgs_portal_ref.php  
/jgs_portal_land.php  
/jgs_portal_log.php  
/jgs_portal_global_sponsor.php  
/jgs_portal_global.php  
/jgs_portal_system.php  
/jgs_portal_views.php  
/jgs_portal_include/jgs_portal_boardmenue.php  
/jgs_portal_include/jgs_portal_forenliste.php  
/jgs_portal_include/jgs_portal_geburtstag.php  
/jgs_portal_include/jgs_portal_guckloch.php  
/jgs_portal_include/jgs_portal_kalender.php  
/jgs_portal_include/jgs_portal_letztethemen.php  
/jgs_portal_include/jgs_portal_links.php  
/jgs_portal_include/jgs_portal_neustemember.php  
/jgs_portal_include/jgs_portal_newsboard.php  
/jgs_portal_include/jgs_portal_online.php  
/jgs_portal_include/jgs_portal_pn.php  
/jgs_portal_include/jgs_portal_portalmenue.php  
/jgs_portal_include/jgs_portal_styles.php  
/jgs_portal_include/jgs_portal_suchen.php  
/jgs_portal_include/jgs_portal_team.php  
/jgs_portal_include/jgs_portal_topforen.php  
/jgs_portal_include/jgs_portal_topposter.php  
/jgs_portal_include/jgs_portal_umfrage.php  
/jgs_portal_include/jgs_portal_useravatar.php  
/jgs_portal_include/jgs_portal_waronline.php  
/jgs_portal_include/jgs_portal_woonline.php  
/jgs_portal_include/jgs_portal_zufallsavatar.php  
  
  
  
Security-Project  
-------------------------  
Visit www.security-project.org  
`