Thursday, 9 September 2010

NetArtMEDIA Real Estate Portal v2.0 XSS vuln. + NetArtMEDIA lfi.

###############################################
Vuln. discovered by : r0t
Date: 09 September 2010
vendor:http://www.netartmedia.net/realestate/
affected versions:NetArtMEDIA Real Estate Portal v2.0 and other
versions also can be affected.
###############################################

NetArtMEDIA Real Estate Portal v2.0 contains a flaw that allows a remote Cross-Site Scripting attacks.Input passed to the "id" parameter in "AGENTS/index.php" isn't properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

for successful exploitation you must be logged in.
##############################################

Solution:
Filter malicious characters and character sequences in a web proxy.
###############################################


+ bonus LOCAL FILE INCLUDE VULN. IN NetArtMEDIA products.

Almost all NetArtMEDIA products have local file inclusion vuln.
in exmaple in Real Estate Portal v2.0 -"folder" and "action" parameter in "AGENTS/index.php"
by other products try also "action" parameter for local file include.
Vendor website is running on product "WebSiteAdmin v2.1"(http://www.websiteadmin.biz/), for local file include use input in "lng" parameter in "ADMIN/login.php"


=====================================================================================

No comments: