Jan
27
2009
nGenuity Information Services – Security Advisory
Advisory ID: NGENUITY-2009-002
Application: Open-Realty 2.5.5
Vendor: Transparent Technologies,INC
Vendor website: http://www.transparent-tech.com/
Author: Adam Baldwin (adam_baldwin@ngenuity-is.com)
I. BACKGROUND
"Open-Realty® is an open source web based real estate listing management
application. It is intended to be both easy to setup and use. Written
in PHP, Open-Realty® is designed to be a fast and flexible tool for
your real estate website" [1]
II. DETAILS
A Blind SQL Injection vulnerability exists within Open-Realty that is
exploitable by a user with admin or agent privileges.
This vulnerability can be exploited by inserting specially crafted SQL
into the edit form field in the image upload feature of Open-Realty.
Successful exploitation of this vulnerability could result in extraction
of data from the Open-Realty database.
III. VENDOR
1.27.2009 - Version 2.5.6 has been released and addresses this vulnerability.
VI. REFERENCES
[1] - http://www.open-realty.org/
Copyright (c) 2008 nGenuity Information Services, LLC
Dec
31
2008
nGenuity Information Services – Security Advisory
Advisory ID: NGENUITY-2009-001
Application: Open-Realty 2.5.5
Vendor: Transparent Technologies,INC
Vendor website: http://www.transparent-tech.com/
Author: Adam Baldwin (adam_baldwin@ngenuity-is.com)
I. BACKGROUND
"Open-Realty® is an open source web based real estate listing management
application. It is intended to be both easy to setup and use. Written
in PHP, Open-Realty® is designed to be a fast and flexible tool for
your real estate website" [1]
II. DETAILS
Multiple reflected cross-site (xss) scripting vulnerabilities exist within
Open-Realty v2.5.5. These are due to user input being echoed back to the user
unaltered or properly encoded.
Reflected:
http://www.example.com/openrealty/index.php?action=contact_agent&listing_id=XSS&popup=yes
http://www.example.com/openrealty/index.php?action=contact_agent&popup=yes&agent_id=XSS
http://www.example.com/openrealty/index.php?action=calculator&price=XSS&popup=y
1.27.2009 - Version 2.5.6 has been released and addresses this vulnerability.
III. REFERENCES
[1] - http://www.open-realty.org/
Copyright (c) 2008 nGenuity Information Services, LLC
IV. EDITS
1/18/2008 - Vendor notification "releasing a new version of Open-Realty 2.5.6 this week to fix the XSS reflection vulnerabilities..."
1/20/2008 - Removed persistent section of advisory. Informed by the vendor that "There is an option to strip HTML from the
listing and agent fields when agents post in the Open-Realty configuration, under Editor/Html. If that is on any html posted in a "
field by an agent will be removed."
1/27/2009 - Added vendor fix information.
