Tons of SQL-injections and XSS in Eichhorn Portal and vendor page

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1053154 漏洞类型
发布时间 2006-08-28 更新时间 2006-08-28
CVE编号 CVE-2006-4377
漏洞平台 N/A CVSS评分 N/A
Hi list.

There are lots of SQL injections and XSS in the 'Eichhorn Portal' by
'Guder und Koch Netzwerktechnik' and their own website.

Input passed to multiple parameters in different PHP-files isn't
properly sanitised before being returned to the user.

This can be exploited to execute arbitrary HTML and script code in a
user's browser session in context of an affected site or conduct some
SQL injection.

Because there are so many Bugs, I will just give some examples of not
properly checked parameters and form fields:

Eichhorn Portal
- main
parameter "profil_nr"
textfield "suchstring" in "suchForm"
parameter "sprache"

- gallerie module
parameter "GaleryKey"
parameter "Breadcrumbs"

- ggbns module
parameter "GGBNSaction"
- index.php
attribute "topic"

Vendor is not notified, because they don't offer a mailaddress for
this purpose. But they should see lots of strange requests in their
log files :)