-----------------------------------------------------------------------------------------
iwswebsolutions [content.php?p] XSS && Remote SQL Injection => Multiple Vulnerabilities
-----------------------------------------------------------------------------------------
Author : Shamus
Date : December, 15th 2010
Location : Solo && Jogjakarta, Indonesia
Web : http://antijasakom.net/forum
Critical Lvl : moderate
Impact : Exposure of sensitive information
Where : From Remote
---------------------------------------------------------------------------
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : Interactive Web Solutions [CMS]
Vendor : Interactive Web Solutions
Download : http://www.iwswebsolutions.com/
Description :
Interactive Web Solutions is a full service website design and development firm.
IWS's proprietary IWS Framework website content management system was developed by our company to provide a faster, scalable and stable development platform for website, ecommerce, and web application development solutions.
Utilizing a highly robust, flexible and proven website foundation content management system, our project development methodology, and our extensive website design and development experience, will enable your website or ecommerce design and development project to empower your business.
--------------------------------------------------------------------------
Vulnerability:
~~~~~~~~~~~~
A weakness has been discovered in Interactive Web Solutions [CMS].
Where an attacker could exploit the gap that exists to obtain sensitive data within the database.
- The SQL injection vulnerability identified in the path "content.php" in parameter "p".
- The XSS vulnerability identified in the path "newhomedev_sendtophone.php", "newhomedev_emailto.php" and "newhomedev_map.php" in parameter "nid".
PoC/Exploit:
~~~~~~~~~~
This SQL injection vulnerability affects
http://www.target.com/content.php?p=[valid id][Injection quey]
This XSS vulnerability effects
- http://www.target.com/newhomedev_sendtophone.php?nid=[XSS]
- http://www.target.com/newhomedev_emailto.php?nid=[XSS]
- http://www.target.com/newhomedev_map.php?nid=[XSS]
Dork:
~~~~~
Google : Powered by Interactive Web Solutions
Solution:
~~~~~
- Your script should filter metacharacters from user input.
- Edit the source code to ensure that input is properly verified.
Timeline:
~~~~~~~
- 07 - 12 - 2010 bug found
- 07 - 12 - 2010 vendor contacted, but no response
- 10 - 12 - 2010 contacted again, but still no response
- 15 - 12 - 2010 advisories release
---------------------------------------------------------------------------
Shoutz:
~~~~~~~
oO0::::: Greetz and Thanks: :::::0Oo.
Tuhan YME
My Parents
SPYRO_KiD
K-159
lirva32
newbie_campuz
And Also My LuvLy wife :
..::.E.Z.R (The deepest Love I'v ever had..).::..
in memorial :
1. Monique
2. Dewi S.
3. W. Devi Amelia
4. S. Anna
oO0:::A hearthy handshake to: :::0Oo
~ Crack SKY Staff
~ Echo staff
~ antijasakom staff
~ jatimcrew staff
~ whitecyber staff
~ lumajangcrew staff
~ devilzc0de staff
~ unix_dbuger, boys_rvn1609, jaqk, byz9991, bius, g4pt3k, anharku, wandi, 5yn_4ck, kiddies, bom2, untouch, antcode
~ arthemist, opt1lc, m_beben, gitulaw, luvrie, poniman_coy, ThePuzci, x-ace, newbie_z, petunia, jomblo.k, hourexs_paloer, cupucyber, kucinghitam, black_samuraixxx, ucrit_penyu, wendys182, cybermuttaqin
~ k3nz0, thomas_ipt2007, blackpaper, nakuragen, candra, dewa
~ whitehat, wenkhairu, Agoes_doubleb, diki, lumajangcrew a.k.a adwisatya a.k.a xyberbreaker, wahyu_antijasakom
~ Cruz3N, mywisdom,flyff666, gunslinger_, ketek, chaer.newbie, petimati, gonzhack, spykit, xtr0nic, N4ck0, assadotcom, Qrembiezs, d4y4x, gendenk
~ All people in SMAN 3
~ All members of spyrozone
~ All members of echo
~ All members of newhack
~ All members of jatimcrew
~ All members of Anti-Jasakom
~ All members of whitecyber
~ All members of Devilzc0de
#e-c-h-o, #K-elektronik, #newhack, #Solohackerlink, #YF, #defacer, #manadocoding, #jatimcrew, #antijasakom, #whitecyber, #devilzc0de
---------------------------------------------------------------------------
Contact:
~~~~~~~~~
Shamus : Shamus@antijasakom.net
Homepage: https://antijasakom.net/forum/viewtopic.php?f=38&t=690
-------------------------------- [ EOF ] ----------------------------------
0 komentar:
Post a Comment