Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:24719
HistorySep 12, 2010 - 12:00 a.m.

NetArtMEDIA Real Estate Portal v2.0 XSS vuln. + NetArtMEDIA lfi.

2010-09-1200:00:00
vulners.com
25

###############################################
Vuln. discovered by : r0t
Date: 09 September 2010
vendor:http://www.netartmedia.net/realestate/
original advisory:http://pridels-team.blogspot.com/2010/09/netartmedia-real-estate-portal-v20-xss.html
affected versions:NetArtMEDIA Real Estate Portal v2.0 and other
versions also can be affected.
###############################################

NetArtMEDIA Real Estate Portal v2.0 contains a flaw that allows a
remote Cross-Site Scripting attacks.Input passed to the "id" parameter
in "AGENTS/index.php" isn't properly sanitised before being returned
to the user.
This can be exploited to execute arbitrary HTML and script code in a
user's browser session in context of an affected site.

for successful exploitation you must be logged in.
##############################################

Solution:
Filter malicious characters and character sequences in a web proxy.
###############################################

  • bonus LOCAL FILE INCLUDE VULN. IN NetArtMEDIA products.

Almost all NetArtMEDIA products have local file inclusion vuln.
in exmaple in Real Estate Portal v2.0 -"folder" and "action" parameter
in "AGENTS/index.php"
by other products try also "action" parameter for local file include.
Vendor website is running on product "WebSiteAdmin
v2.1"(http://www.websiteadmin.biz/), for local file include use input
in "lng" parameter in "ADMIN/login.php"

================================================================================================================================