JaxUltraBB Cross Site Scripting and Local File Include Vulnerabilities
BID:29853
Info
JaxUltraBB Cross Site Scripting and Local File Include Vulnerabilities
| Bugtraq ID: | 29853 |
| Class: | Input Validation Error |
| CVE: |
CVE-2008-2966 CVE-2008-2965 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 20 2008 12:00AM |
| Updated: | Jul 05 2016 10:01PM |
| Credit: | CWH Underground |
| Vulnerable: |
JaxUltraBB JaxUltraBb 2.0 |
| Not Vulnerable: | |
Discussion
JaxUltraBB Cross Site Scripting and Local File Include Vulnerabilities
JaxUltraBB is prone to a local file-include vulnerability and a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Exploiting the local file-include issues allows remote attackers to view local files within the context of the webserver process.
JaxUltraBB 2.0 is vulnerable; prior versions may also be affected.
JaxUltraBB is prone to a local file-include vulnerability and a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Exploiting the local file-include issues allows remote attackers to view local files within the context of the webserver process.
JaxUltraBB 2.0 is vulnerable; prior versions may also be affected.
Exploit / POC
JaxUltraBB Cross Site Scripting and Local File Include Vulnerabilities
Attackers can use a browser to exploit these issues.
The following example URIs are available:
http://www.example.com/jubb/viewprofile.php?user=../../../../../../../../boot.ini%00
http://www.example.com/[jubb_path]/viewforum.php?forum=[XSS]
Attackers can use a browser to exploit these issues.
The following example URIs are available:
http://www.example.com/jubb/viewprofile.php?user=../../../../../../../../boot.ini%00
http://www.example.com/[jubb_path]/viewforum.php?forum=[XSS]
Solution / Fix
JaxUltraBB Cross Site Scripting and Local File Include Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
JaxUltraBB Cross Site Scripting and Local File Include Vulnerabilities
References:
References:
- JaxUltraBB Homepage (JaxUltraBB)