iScripts EasyCreate 3.0 Multiple Vulnerabilities
Title: iScripts EasyCreate 3.0 Multiple Vulnerabilities
Advisory ID: ZSL-2016-5298
Type: Local/Remote
Impact: Exposure of System Information, Exposure of Sensitive Information, Manipulation of Data, Cross-Site Scripting
Risk: (4/5)
Release Date: 28.01.2016
MySQL 5.5.40
[08.12.2015] Follow up with vendor. No response received.
[08.12.2015] Ticket Created using online portal (id #010248399110346).
[08.12.2015] Ticket closed by vendor without requesting vulnerability details.
[28.12.2015] Vendor responds asking more details.
[29.12.2015] Sent details to the vendor.
[05.01.2016] Follow up with vendor. No response received.
[14.01.2016] Follow up with vendor. No response received.
[28.01.2016] Public Security advisory released.
[2] https://cxsecurity.com/issue/WLB-2016010231
[3] https://www.exploit-db.com/exploits/39386/
[31.01.2016] - Added reference [1] and [2]
[01.02.2016] - Added reference [3]
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Advisory ID: ZSL-2016-5298
Type: Local/Remote
Impact: Exposure of System Information, Exposure of Sensitive Information, Manipulation of Data, Cross-Site Scripting
Risk: (4/5)
Release Date: 28.01.2016
Summary
iScripts EasyCreate is a private label online website builder. This software allows you to start an online business by offering website building services to your customers. Equipped with drag and drop design functionality, crisp templates and social sharing capabilities, this online website builder software will allow you to provide the best website building features to your users.Description
iScripts EasyCreate suffers from multiple vulnerabilities including SQL Injection, XSS and CSRF.Vendor
iScripts.com - http://www.iscripts.comAffected Version
3.0Tested On
ApacheMySQL 5.5.40
Vendor Status
[17.11.2015] First contact to vendor.[08.12.2015] Follow up with vendor. No response received.
[08.12.2015] Ticket Created using online portal (id #010248399110346).
[08.12.2015] Ticket closed by vendor without requesting vulnerability details.
[28.12.2015] Vendor responds asking more details.
[29.12.2015] Sent details to the vendor.
[05.01.2016] Follow up with vendor. No response received.
[14.01.2016] Follow up with vendor. No response received.
[28.01.2016] Public Security advisory released.
PoC
iscripts_mv.txtCredits
Vulnerability discovered by Bikramaditya Guha - <bik@zeroscience.mk>References
[1] https://packetstormsecurity.com/files/135512[2] https://cxsecurity.com/issue/WLB-2016010231
[3] https://www.exploit-db.com/exploits/39386/
Changelog
[28.01.2016] - Initial release[31.01.2016] - Added reference [1] and [2]
[01.02.2016] - Added reference [3]
Contact
Zero Science LabWeb: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk