lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 8 May 2015 21:19:46 +0800
From: Jing Wang <justqdjing@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] MT.VERNON MEDIA Web-Design v1.12 Multiple XSS (Cross-site
 Scripting) Web Security Vulnerabilities

*MT.VERNON MEDIA Web-Design v1.12 Multiple XSS (Cross-site Scripting) Web
Security Vulnerabilities*


Exploit Title: MT.VERNON MEDIA Web-Design v1.12 Multiple XSS Security
Vulnerabilities
Product: Web-Design
Vendor: MT.VERNON MEDIA
Vulnerable Versions: v1.12
Tested Version: v1.12
Advisory Publication: May 07, 2015
Latest Update: May 07, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: *
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)
Impact Subscore: 2.9
Exploitability Subscore: 8.6
Writer and Reporter: Wang Jing [Mathematics, Nanyang Technological
University (NTU), Singapore] (@justqdjing)




*Recommendation Details:*


*(1) Vendor & Product Description:*


*Vendor:*
MT.VERNON MEDIA



*Product & Vulnerable Versions:*
Web-Design
v1.12



*Vendor URL & Download:*
MT.VERNON MEDIA can be obtained from here,
http://www.mtvernonmedia.com/services/WebDesign.html



*Google Dork:*
"developed by: Mt. Vernon Media"



*Product Introduction Overview:*
"In today's economy every business is more focused on ROI (Return On
Investment) than ever before. We'll help you ensure a solid ROI for your
website, not only making it effective and easy to use for your clients, but
helping you to drive traffic to your site and ensuring effective content
and design to turn traffic into solid leads, sales, or repeat customers. We
offer custom design and development services tailored to your needs and
specifications drawn up jointly with you to ensure that the appropriate
technology is leveraged for optimum results, creating a dynamic and
effective design, based on market effectiveness and user-friendly design
standards. Our developers are experts in web application development using
various programming languages including Perl, SQL, C, C+, and many other
back-end programming languages, as well as database integration. For a view
of some of your past projects, take a look at our list of clients. We
handle custom development of your Internet project from conception through
publication:

    Internet & Intranet sites
    Design concepts, layouts, and specifications
    Intuitive Graphical User Interface (GUI) design
    Dynamic navigation design
    Creation and manipulation of graphical design elements
    GIF Animation
    Flash development
    HTML hand-coding and debugging
    JavaScript for interactivity and error-checking
    ASP (Active Server Pages)
    Customized Perl CGI scripts (mailing lists, form submission, etc)
    Customized application development in varied programming languages
    Site publication and promotion
    On-going updating and maintenance
    Banner ads"




*(2) Vulnerability Details:*
MT.VERNON MEDIA Web-Design web application has a computer security bug
problem. It can be exploited by stored XSS attacks. This may allow a remote
attacker to create a specially crafted request that would execute arbitrary
script code in a user's browser session within the trust relationship
between their browser and the server.

Several other MT.VERNON MEDIA products 0-day vulnerabilities have been
found by some other bug hunter researchers before. MT.VERNON MEDIA has
patched some of them. BugScan is the first community-based scanner,
experienced five code refactoring. It has redefined the concept of the
scanner provides sources for the latest info-sec news, tools, and
advisories. It also publishs suggestions, advisories, solutions details
related to XSS vulnerabilities.


*(2.1) *The first programming code flaw occurs at "section.php?" page with
"&id" parameter.

*(2.2)* The second programming code flaw occurs at "illustrated_verse.php?"
page with "&id" parameter.

*(2.3)* The third programming code flaw occurs at "image.php?" page with
"&id" parameter.

*(2.4) *The forth programming code flaw occurs at "gallery.php?" page with
"&np" parameter.







*References:*
http://www.tetraph.com/security/xss-vulnerability/mt-vernon-media-web-design-v1-12-multiple-xss/
http://securityrelated.blogspot.com/2015/05/mtvernon-media-web-design-v112-multiple.html
http://www.inzeed.com/kaleidoscope/computer-web-security/mt-vernon-media-web-design-v1-12-multiple-xss/
https://vulnerabilitypost.wordpress.com/2015/05/08/mt-vernon-media-web-design-v1-12-multiple-xss/
http://whitehatpost.blog.163.com/blog/static/24223205420154885036469
https://progressive-comp.com/?a=139222176300014&r=1&w=1https://www.fusionvm.com/FusionVM/DesktopModules/SecurityAdvisories/SecurityAdvisoriesView.aspx?Alias=www.fusionvm&TabId=0&Lang=en-US&OU=0&ItemId=44832
https://www.bugscan.net/#!/x/21289
http://bluereader.org/article/30765596






--
Jing Wang,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com/wangjing/
https://twitter.com/justqdjing

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists