Andromeda Streaming MP3 Server v1.9.3.6 (s param) Remote XSS Vulnerability
Title: Andromeda Streaming MP3 Server v1.9.3.6 (s param) Remote XSS Vulnerability
Advisory ID: ZSL-2012-5087
Type: Remote
Impact: Cross-Site Scripting
Risk: (2/5)
Release Date: 09.05.2012
Summary
Turn your MP3 collection into an MP3 server. Simply add a single PHP or ASP script to any folder within your site. Now you can browse and play the contents of that folder - over the Web, or over your local network.
Description
Andromeda is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 's' parameter of the 'andromeda.php' script.
Vendor
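The following is an added illustration, not code from Andromeda or from this advisory: a hypothetical PHP page that reflects the 's' request parameter (assumed here to be a search term) into HTML, showing the unsafe reflection pattern the advisory describes beside the output-encoded form that closes the issue.

```php
<?php
// Added example, not Andromeda's code. Both functions below are hypothetical
// and only model how a request parameter ends up inside an HTML attribute.

// Unsafe: the parameter is reflected verbatim, so quotes and tags carried in
// it become part of the page markup (the pattern behind a reflected XSS).
function render_search_unsafe(string $s): string
{
    return '<input type="text" name="s" value="' . $s . '">';
}

// Hardened: HTML-encode at the output point. ENT_QUOTES encodes both quote
// styles so the value cannot terminate the attribute; ENT_SUBSTITUTE replaces
// invalid UTF-8 instead of returning an empty string, which would otherwise
// hide the failure rather than handle it.
function render_search_safe(string $s): string
{
    $encoded = htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="s" value="' . $encoded . '">';
}

// Constructed sample input: a search term carrying a double quote and a tag.
$sample = 'jazz" <b>bold</b>';

echo render_search_unsafe($sample), PHP_EOL;
echo render_search_safe($sample), PHP_EOL;

// Self-check: after encoding, neither the raw tag nor an unencoded quote from
// the input may survive in the rendered attribute.
assert(strpos(render_search_safe($sample), '<b>') === false);
assert(strpos(render_search_safe($sample), '&quot;') !== false);
assert(strpos(render_search_unsafe($sample), '<b>') !== false);
```

Run with `php example.php` (assert() is active under PHP's default zend.assertions=1 in development builds); the encoded line is the form a fixed andromeda.php would need to emit for every reflected parameter, not only 's'.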
Turnstyle - http://www.turnstyle.com
Affected Version
1.9.3.6 PHP (2012)
Tested On
Microsoft Windows XP Professional SP3 (EN)
Apache 2.2.21
PHP 5.3.9
MySQL 5.5.20
Vendor Status
N/A
PoC
andromeda_xss.txt
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
[1] http://packetstormsecurity.org/files/112549
[2] http://cxsecurity.com/issue/WLB-2012050066
[3] http://secunia.com/advisories/18359
[4] http://xforce.iss.net/xforce/xfdb/75497
Changelog
[09.05.2012] - Initial release
[10.05.2012] - Added reference [3]
[12.05.2012] - Added reference [4]
Contact
Zero Science Lab
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk