eBank IT Online Banking – Multiple Web Vulnerabilities
As a leading provider of innovative online banking software solutions, eBank-IT! provides
an accessible venue for offering a full-valued online banking platform to your clients,
using a cross-browser interface that`s secure and free of complexities and considering
maximum privacy and data protection procedures, as well as a wide scope of contenual
functionalities, which exceed the standard scope of most major online banking systems
in the world. http://www.ebank-it.com/
Vulnerability-Lab Team (Chokri B.A.) discovered multiple refelctive web vulnerability on the Online Banking Software eBank-IT.
Multiple refelctive cross site vulnerabilities are detected on the online banking software eBank-IT.
The bug allows remote attacker to implement malicious script code on the application side.
Successful exploitation of the vulnerability allows an attacker to manipulate specific modules & can
lead to session hijacking (user/mod/admin).
Proof of Concept: The vulnerabilities can be exploited by remote attackers with low required user inter action. For demonstration or reproduce …
<td width=”7%”> <img src=”images2/icons/error.gif”></td>
<td width=”94%”>\”><img src=http://www.vulnerability-lab.com/gfx/partners/vlab.png /> </td>
<td colspan=”3″ align=”center”>\”><img src=http://www.vulnerability-lab.com/gfx/partners/vlab.png /> </td>
Risk: The security risk of the reflective xss vulnerabilities are estimated as medium.
Credits: Vulnerability Research Laboratory – Chokri B.A (Me!ster)
Your Feed back is encouraged: https://netsecurityit.wordpress.com/polls/
- Is Your Online Bank Vulnerable To Currency Rounding Attacks? (acrossecurity.com)
- Banks cooperate to beat online thieves (netsecurityit.wordpress.com)
- Gentoo Linux Security Advisory: MIT Kerberos 5: Multiple vulnerabilities X2 (netsecurityit.wordpress.com)