
Andromeda Streaming MP3 Server v1.9.3.6 (s param) Remote XSS Vulnerability

Low
Advisory ID
ZSL-2012-5087
Release Date
09 May 2012
Vendor
Affected Version
1.9.3.6 PHP (2012)
CVE
N/A
Tested On
Microsoft Windows XP Professional SP3 (EN), Apache 2.2.21, PHP 5.3.9, MySQL 5.5.20
Summary

Turn your MP3 collection into an MP3 server. Simply add a single PHP or ASP script to any folder within your site. Now you can browse and play the contents of that folder - over the Web, or over your local network.

Description

Andromeda is prone to a reflected cross-site scripting vulnerability. The 's' parameter of the 'andromeda.php' script is written back into the response without being sanitized or HTML-encoded, so an attacker who gets a victim to open a crafted link can execute arbitrary script in the victim's browser in the context of the Andromeda site, with access to that site's cookies and session.
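
The pattern behind a reflected XSS of this kind, shown beside its hardened form. This is an added illustration, not Andromeda's own source: the function names, the surrounding markup and the probe string are assumptions for the example, and only the handling of the 's' parameter is taken from the advisory.

```php
<?php
// Added example, not code from andromeda.php. The helpers and markup below
// are assumed for illustration; only the 's' query parameter comes from the page.

// Vulnerable: the search term from ?s=... is echoed straight back into the HTML,
// once inside an attribute value and once inside element text.
function render_search_vulnerable(array $query): string
{
    $s = $query['s'] ?? '';
    return '<input type="text" name="s" value="' . $s . '">'
         . '<p>Results for: ' . $s . '</p>';
}

// Hardened: encode the value for the HTML context it lands in before echoing it.
// ENT_QUOTES encodes both " and ' so an attribute value cannot be closed early;
// ENT_SUBSTITUTE and the explicit charset stop invalid UTF-8 from bypassing the encoder.
function html_escape(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_search_hardened(array $query): string
{
    $s = html_escape($query['s'] ?? '');
    return '<input type="text" name="s" value="' . $s . '">'
         . '<p>Results for: ' . $s . '</p>';
}

// Constructed sample input: a harmless marker that closes the attribute and
// injects a tag if reflected verbatim. It is a probe, not an attack payload.
$probe = ['s' => '"><b>xss-probe</b>'];

// In the vulnerable output the closing quote and the <b> tag survive as markup;
// in the hardened output they are entity-encoded and render as literal text.
echo render_search_vulnerable($probe), PHP_EOL;
echo render_search_hardened($probe), PHP_EOL;
```

A quick way to confirm a deployed copy is fixed is to request andromeda.php with a distinctive harmless marker in the 's' parameter and check whether the marker comes back entity-encoded rather than verbatim. Note that htmlspecialchars() is the right encoder for HTML body and attribute contexts only; a value placed inside a script block or a URL needs context-specific encoding instead.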

Proof of Concept
Disclosure Timeline
N/A
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
09.05.2012 Initial release
10.05.2012 Added reference [3]
12.05.2012 Added reference [4]