XSS and PHP Code Insertion in N.T.
Summary
- Vulnerability
- XSS and PHP Code Insertion in N.T.
- Discovered
- 2006.04.05
- Last Update
- 2006.04.15 Exploitation code published
- ID
- EV0121
- CVE
- CVE-2006-1657 CVE-2006-1658
- Risk Level
- high
- Type
- Multiple Vulnerabilities
- Status
- Unpatched. No reply from developer(s)
- Vendor
- Chucky A. Ivey
- Vulnerable Software
- N.T. (http://www.v-gfx.net/)
- Version
- 1.1.0
- PoC/Exploit
- Available
- Solution
- Not available
- Discovered by
- Aliaksandr Hartsuyeu (eVuln.com)
Description
Multiple Vulnerabilities found in N.T. (http://www.v-gfx.net/) script.
1. Cross-Site Scripting
Vulnerable Script: index.php
Parameter username is not properly sanitized. This can be used to post arbitrary HTML or web script code. This code will be executed when administrator will visit "Login Log" page.
Administrator's session is threatened.
2. PHP Code Insertion
Administrator has an ability to edit variables in ticker.db.php file. Script dont make any sanitation of entered values. This can be used to insert arbitrary PHP code.
System access is possible.
PoC/Exploit
1. Cross-Site Scripting Example
URL: http://[host]/index.php
Username: [XSS]
Password: any
2. PHP Code Insertion Example
URL: http://[host]/index.php?id=editticker
Ticker width: 100"; [PHP_CODE] $aaa="
Solution.
Solution for "XSS and PHP Code Insertion in N.T." is not available. Check Chucky A. Ivey website for updates.