what you don't know can hurt you

ECE Projects Cross Site Scripting

ECE Projects Cross Site Scripting
Posted Apr 4, 2014
Authored by Wang Jing

ECE Projects suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c0ab7a2ce5daf1a815c50916aeda497e

ECE Projects Cross Site Scripting

Change Mirror Download
*ECE Projects XSS (Cross-site Scripting) Security Vulnerabilities*


Exploit Title: ECE Projects XSS (Cross-site Scripting) Security
Vulnerabilities
Vendor: ECE Projektmanagement G.m.b.H. & Co. KG (ECE)
Product: ECE Projects
Vulnerable Versions:
Tested Version:
Advisory Publication: April 01, 2015
Latest Update: April 01, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: *
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)
Impact Subscore: 2.9
Exploitability Subscore: 8.6
Writer and Reporter: Wang Jing [CCRG, Nanyang Technological University
(NTU), Singapore]




*Suggestion Details:*


*(1) Vendor & Product Description:*


*Vendor:*
ECE Projektmanagement G.m.b.H. & Co. KG (ECE)


*Product & Version:*
All Projects - Shopping & Office, Traffic, Industries, Hotel, Residential


*Vendor URL & download:*
ECE Projects can be obtained from here,
http://www.ece.com/en/projects/all-projects/


*Google Dork:*
ECE Projektmanagement GmbH & Co. KG


*Product Introduction Overview:*
"ECE develops, builds, and manages large commercial properties in the
business areas Shopping, Office, Traffic, and Industries. It was founded in
1965 by mail-order pioneer Prof. Werner Otto (1909-2011) and is owned by
the Otto family. Since 2000, the company founder's son, Alexander Otto, has
been heading the company. Hamburg-based ECE has been developing, building,
leasing out, and managing large commercial properties in the business areas
Shopping, Office, Traffic, and Industries and is European market leader in
the field of downtown shopping centers. For decades, ECE has been realizing
very successfully large group headquarters, office buildings, industrial
buildings, logistic centers, traffic-related properties, hotels and other
highly complex building types. ECE provides all real estate-related
services from one source and thus creates a major benefit for their
customers, clients and partners by pooling their complete know-how. With
regard to numerous projects the ECE group acts as investor and keeps the
projects in the portfolio for decades. Furthermore, two ECE funds
concentrate on the acquisition of shopping centers with value growth
potential. ECE is Europe-wide successfully positioned with numerous
subsidiaries and joint ventures."

"ECE employs specialists with in-depth knowledge of the retail trade and
all related "disciplines" and pools this wide-ranging expertise under one
roof. Our full-service concept extends from the original idea right through
to long-term management. Our credo: a full range of services from a single
provider who takes overall responsibility as opposed to a "coordinator".
This expertise is underpinned by several decades of experience in the
sector as well as the financial strength of the ECE Group and enables us to
cater to the full range of needs and requirements of our clients."



*(2) Vulnerability Details:*
ECE web application has a security bug problem. It can be exploited by XSS
attacks. This may allow a remote attacker to create a specially crafted
request that would execute arbitrary script code in a user's browser
session within the trust relationship between their browser and the server.

Several ECE Projects products 0Day vulnerabilities have been found by some
other bug hunter researchers before. ECE Projects patched some of them.
Open Sourced Vulnerability Database (OSVDB) is an independent and
open-sourced database. The goal of the project is to provide accurate,
detailed, current, and unbiased technical information on security
vulnerabilities. The project promotes greater, open collaboration between
companies and individuals. It has published suggestions, advisories,
solutions details related to XSS vulnerabilities.


*(2.1)* The first code programming flaw occurs atoccurs at "suchergebnis/?"
page with "&tx_solr[q]" parameter.






*References:*
http://www.tetraph.com/security/xss-vulnerability/ece-projects-xss-cross-site-scripting-security-vulnerabilities/
http://securityrelated.blogspot.com/2015/04/ece-projects-xss-cross-site-scripting.html
http://www.inzeed.com/kaleidoscope/computer-web-security/ece-projects-xss-cross-site-scripting-security-vulnerabilities/
http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/ece-projects-xss-cross-site-scripting-security-vulnerabilities/
https://hackertopic.wordpress.com/2015/04/02/ece-projects-xss-cross-site-scripting-security-vulnerabilities/
http://static-173-79-223-25.washdc.fios.verizon.net/?a=139222176300014&r=1&w=2
http://packetstormsecurity.com/files/authors/11717
http://www.osvdb.org/show/osvdb/119707




--
Wang Jing,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com/wangjing/
https://twitter.com/justqdjing


Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    37 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close