Andromeda Streaming MP3 Server 1.9.3.6 Cross Site Scripting

2012.05.09
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

Andromeda Streaming MP3 Server v1.9.3.6 (s param) Remote XSS Vulnerability Vendor: Turnstyle Product web page: http://www.turnstyle.com Affected version: 1.9.3.6 PHP (2012) Summary: Turn your MP3 collection into an MP3 server. Simply add a single PHP or ASP script to any folder within your site. Now you can browse and play the contents of that folder - over the Web, or over your local network. Desc: Andromeda is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 's' parameter of the 'andromeda.php' script. Tested on: Microsoft Windows XP Professional SP3 (EN) Apache 2.2.21 PHP 5.3.9 MySQL 5.5.20 Vulnerability discovered by Gjoko 'LiquidWorm' Krstic @zeroscience Advisory ID: ZSL-2012-5087 Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5087.php 08.05.2012 -- Dork: "powered by andromeda version" PoC: http://localhost/AndromedaPHP/andromeda.php?q=s&s="><script>alert(1);</script>

References:

http://www.turnstyle.com
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5087.php


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top