咬定青山不放松,立根原在破岩中。千磨万击还坚劲,任尔东西南北风

© 竹意 | Powered by LOFTER

CVE-2008-2335 - Vastal I-tech phpVID 1.2.3 Multipl

来自:tetraph

CVE-2008-2335 - Vastal I-tech phpVID 1.2.3 Multiple XSS (Cross-site Scripting) Web Security Vulnerabilities


Exploit Title: Vastal I-tech phpVID Multiple XSS Security Vulnerabilities

Product: phpVID

Vendor: Vastal I-tech

Vulnerable Versions: 1.2.3   0.9.9

Tested Version: 1.2.3   0.9.9

Advisory Publication: March 10, 2015

Latest Update: March 10, 2015

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: CVE-2008-2335

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type: Allows unauthorized modification

Discover and Reporter: Wang Jing [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] ( @justqdjing)



CVE-2008-2335 - Vastal I-tech phpVID 1.2.3 Multiple XSS (Cross-site Scripting) Web Security 0-Day Flaw - tetraph - Tetraph  的博客

 




Advisory Details:


(1) Vendor & Product Description:


Vendor:
Vastal I-tech



Product & Vulnerable Versions:
phpVID
1.2.3
0.9.9



Vendor URL & Download:
phpVID can be bought from here,
http://www.vastal.com/phpvid-the-video-sharing-software.html#.VP7aQ4V5MxA



Product Introduction:
"phpVID is a video sharing software or a video shating script and has all the features that are needed to run a successful video sharing website like youtube.com. The features include the following. phpVID is the best youtube clone available. The latest features include the parsing of the subtitles file and sharing videos via facebook. With phpVID Video Sharing is extremely easy. "

"The quality of code and the latest web 2.0 technologies have helped our customers to achieve their goals with ease. Almost all customers who have purchased phpVID are running a successful video sharing website. The quality of code has helped in generating more then 3 million video views a month using a "single dedicated server". phpVID is the only software in market which was built in house and not just purchased from someone. We wrote the code we know the code and we support the code faster then anyone else. Have any questions/concerns please contact us at: info@vastal.com. See demo at: www.phpvid.com. If you would like to see admin panel demo please email us at: info@vastal.com."

"Server Requirements:
Preferred Server: Linux any Version
PHP 4.1.0 or above
MySQL 3.1.10 or above
GD Library 2.0.1 or above
Mod Rewrite and .htaccess enabled on server.
FFMPEG (If you wish to convert the videos to Adobe Flash)"





(2) Vulnerability Details:
phpVID web application has a security bug problem. It can be exploited by XSS (Cross-site Scripting) attacks. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server. Some bug hunter researchers also have found other XSS vulnerabilities related to it before. phpVID has patched some of them.


(2.1) The first code programming flaw occurs at "members.php?" page with "&browse" parameter.


(2.2) The second code programming flaw occurs at "login.php?" page with "&next" parameter.


(2.3) The third code programming flaw occurs at "search_results.php?" page with "&query" parameter.


(2.4) The fourth code programming flaw occurs at "groups.php?" page with "&type" parameter.










References:
http://www.tetraph.com/security/xss-vulnerability/vastal-i-tech-phpvid-1-2-3-multiple-xss
http://securityrelated.blogspot.com/2015/03/vastal-i-tech-phpvid-123-multiple-xss.html
http://www.inzeed.com/kaleidoscope/computer-web-security/vastal-i-tech-phpvid-1-2-3
http://diebiyi.com/articles/security/vastal-i-tech-phpvid-1-2-3-multiple
https://cxsecurity.com/issue/WLB-2015030026
http://computerobsess.blogspot.com/2015/09/vastal-xss.html
https://hackertopic.wordpress.com/2015/08/13/vastal-xss/
http://lists.openwall.net/full-disclosure/2015/03/10/9
http://marc.info/?l=full-disclosure&m=142601091100720&w=4
http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1700
 
评论
热度(3)
 
回到顶部