Bug: Radical Technologies - Portal Search- multiple XSS issue ( Ascii Version )

Search:
WLB2

Radical Technologies - Portal Search- multiple XSS issue

Published
Credit
Risk
2007.02.17
Pedro Alexander Garcia
Low
CWE
CVE
Local
Remote
CWE-79
CVE-2007-0923
CVE-2007-0922
CVE-2007-0921
No
Yes

Site : Raditech.es
Product : Portal Search (May be others)

Portal Search is a product that can help to search in one or multiple Web sites.
http://www.raditech.es/esp/servicios/portal-search.shtml

This product can SEARCH and INDEX the contents of a entire web site,additionally this product doesn't validate user
input. So these types of attacks are possible.

-URL redirection (So Phising attacks can be easy)
-Cross Site Scripting
-Business Logic can be revealed trough Searching some type of characters
-Some Others

-URL redirection
http://target/?http://www.hackersite.com
and the hacker site is displayed in the main FRAME of www.somesite.com

-Cross Site Scripting
http://target/buscador/buscador.htm?%3CIFRAME%20SRC=%22javascript:alert(
'XSS');%22%3E%3C/IFRAME%3E
The result of this URL is that all the records are displayed.

-Business Logic can be revealed trough Searching some type of characters.
http://target/buscador/buscador.htm?

Thanks and sorry by my English

Regards

Pedro Alexander Garcia
claxus (at) gmail (dot) com [email concealed]
Colombia 2007

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version