Active Business Directory 2.0 XSS

2009.12.31

Credit: Andrea Bocchetti

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2009-4464

CWE: CWE-79

Ogólna skala CVSS: 4.3/10

Znaczenie: 2.9/10

Łatwość wykorzystania: 8.6/10

Wymagany dostęp: Zdalny

Złożoność ataku: Średnia

Autoryzacja: Nie wymagana

Wpływ na poufność: Brak

Wpływ na integralność: Częściowy

Wpływ na dostępność: Brak

#  Author: Andrea Bocchetti 
#  Contact: flashcreazione@gmail.com	
#  Homepage : www.geekit.it

   // Software Info 
#  Name : activebusinessdirectory  
#  Version : v 2
#  Price : $499.00 USD

This script is possibly vulnerable to Cross Site Scripting (XSS) attacks.
Input passed via the "search" parameter to search.asp is
not properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML 
and script code in a user's browser session
on context of an affected site.

POC

http://name.com/demoactivebusinessdirectory/searchadvance.asp?      <=  xss 

Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash
into a vulnerable application to fool a user in order to gather data from them.

How to fix this vulnerability :

Script should filter metacharacters from user input.

Referencje:

http://xforce.iss.net/xforce/xfdb/55010

http://www.packetstormsecurity.org/0912-exploits/abd-xss.txt

http://secunia.com/advisories/37863

http://osvdb.org/61267

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Active Business Directory 2.0 XSS

Referencje:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.