JGS-Portal Multiple XSS And SQL Injection Vulnerabilities Network Vulnerability

Summary

The remote host is running the JGS-Portal, a web portal written in PHP. The remote version of this software contains an input validation flaw leading multiple SQL injection and XSS vulnerabilities. An attacker may exploit these flaws to execute arbirtrary SQL commands against the remote database and to cause arbitrary code execution for third party users.

Solution

Unknown at this time

Severity

Classification

CVE CVE-2005-1633, CVE-2005-1635
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Advantech WebAccess Multiple Vulnerabilities
Avenger's News System Command Execution
b2Evolution title SQL Injection
ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
aflog Cookie-Based Authentication Bypass Vulnerability

JGS-Portal Multiple XSS and SQL injection Vulnerabilities

Take action and discover your vulnerabilities