# Ariko-Security: Security Audits (in Polish: Audyt bezpieczeństwa)
# Advisory: 19/2011
# http://secunia.com/advisories/40670/ (Seo Panel 2.x)
============ { Ariko-Security - Advisory #1/7/2011 } =============
SEO PANEL 3.0.0 multiple vulnerabilities
Vendor's description of software and demo:
# http://www.seopanel.in , http://demo.seopanel.in
Dork:
# N/A
Application Info:
# Seo Panel 3.0.0 (latest release)
Vulnerability Info:
# Type: multiple XSS
Time Table:
# 16/07/2011 - Vendor notified
XSS:
# Input passed to the "lastName", "userName", "email", "firstName" and "code" parameters in register.php is not properly sanitised before being returned to the user.
# Input passed to the "default_args" parameter in seo-tools.php is not properly sanitised before being returned to the user.
# Input passed to the "category" parameter in settings.php is not properly sanitised before being returned to the user.
# Input passed to the "dir_name" and "capcheck" parameters in directories.php is not properly sanitised before being returned to the user.
# Input passed to the "proxy_password", "proxy_username" and "proxy" parameters in proxy.php is not properly sanitised before being returned to the user.
# Input passed to the "pageno" parameter in seo-plugins-manager.php is not properly sanitised before being returned to the user.
Sample:
# http://server/seo-tools.php?menu_sec=directory-submission&default_args=sec%3dreports%26website_id%3d4%3c%2fsCrIpT%3e%3ciMg+SrC%3dx+OnErRoR%3dalert(12345)%3e&website_id=4&active
Solution:
# Input validation of the vulnerable parameters should be corrected.
Credit:
# Discovered by: Ariko-Security 2011