SSD Advisory – OpenCart Account Takeover

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerability Summary
The following advisory describes an account takeover vulnerability found in OpenCart (version 2.3.0.2). OpenCart is an open-source e-commerce platform written in PHP.

“Opencart is an easy to-use, powerful, Open Source online store management program that can manage multiple online stores from a single back-end.”

Credit
An independent security researcher “Ayrx” has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Responses
The vendor had this response to our report:
“… another clown acting like james bond with a nonsense Vulnerability”
“james already told me it was bullshit so go ahead!”

SSD Advisory – Oracle Knowledge Management XXE Leading to a RCE

Vulnerability Summary
The following advisory describes an information disclosure vulnerability found in Oracle Knowledge Management version 8.5.1.

By enabling searches across a wide variety of sources, Oracle’s InQuira knowledge management products offer simple and convenient ways for users to access knowledge that was once hidden in the myriad systems, applications, and databases used to store enterprise content.

Oracle’s products for knowledge management help users find useful knowledge contained in corporate information stores.

Credit
An independent security researcher, Steven Seeley, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
Oracle has released patches to address this vulnerability. For more details see: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html.

SSD Advisory – SolarWinds Multiple Vulnerabilities

Vulnerabilities Summary
SolarWinds Server and Application Monitor version 6.1.1 has been found to contain multiple vulnerabilities:

  1. Node Custom Properties Persistent XSS
  2. Audit Events Module Persistent XSS
  3. Custom “Data Source” and ‘Where Clause’ Persistent XSS
  4. “Build Dynamic Query Name” Persistent XSS
  5. Multiple Persistent XSS Vulnerabilities Via ‘Title’ field
  6. Application Monitor Template Persistent XSS
  7. NOC View Name Persistent XSS

Credit
An independent security researcher has reported these vulnerabilities to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
We notified SolarWinds about the vulnerabilities in August 2015; repeated attempts to re-establish contact and get answers on the status of patches for these vulnerabilities went unanswered. We also contacted CERT in August 2015, but they were unable to get the vendor to address these issues. At this time there is no solution or workaround for these vulnerabilities.