Aardvark Topsite: XSS vulnerability

Users of Aardvark Topsite please be advised of a XSS vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Aardvark-SA-10/24/2010: Aardvark Topsite XSS vulnerability
I found XSS on Aardvark Topsites PHP system.

Dork: “Powered by Aardvark Topsites” “SQL Queries”

XSS PoC: site_path/index.php?a=search&q=%22%20onmouseover%3dalert(String.fromChar

Code(88,83,83))%20par%3d%22

Can use POST to effect the “email”, “title”, “u” and “url” parameters

either on the same way.

Tested versions: 5.2.0 & 5.2.1 (might work on other versions also).Read more at http://www.criticalwatch.com
 

Advertisements