Joomla Freestyle FAQ Lite 1.3 SQL Injection

2010-04-07T00:00:00
ID PACKETSTORM:88148
Type packetstorm
Reporter Chip D3 Bi0s
Modified 2010-04-07T00:00:00

Description

                                        
                                            `---------------------------------------------------------------------------------  
Joomla Freestyle FAQ Lite Component 1.3 (faqid) SQL Injection  
---------------------------------------------------------------------------------  
  
Author : Chip D3 Bi0s  
Group : LatinHackTeam  
Email & msn : chipdebios@gmail.com  
Date : 05 april 2010  
Critical Lvl : Moderate  
Impact : Exposure of sensitive information  
Where : From Remote  
---------------------------------------------------------------------------  
  
Affected software description:  
~~~~~~~~~~~~~~~~~~~~~~~~~~~  
  
  
Application : Freestyle FAQ Lite   
version : 1.3  
Developer : Freestyle Joomla  
License : GPLv2 type : Non-Commercial  
Date Added : 22 March 2010  
Download : http://freestyle-joomla.com/fssdownloads/viewcategory/2  
Demo : http://freestyle-joomla.com/demo  
  
  
Description :  
  
Freestyle FAQ Lite is designed to provide you with a highly customised  
Frequently Asked Questions (FAQs) module on your Joomla website.  
There are various customisable options, you can display FAQs under  
a menu item or within a module.  
  
• Multiple categories  
• Search all FAQs  
• Add an image for each category  
• Link directly to a FAQ category or article from a menu item  
• View all FAQs at once (option to hide this)  
• Module to list FAQ categories anywhere on any page  
• Full image and html support for each FAQ  
• WYSIWYG editor for FAQs  
• Attach full html description to each category FAQs can be toggled as published or unpublished  
• Various Joomla back end parameters  
• Multiple view modes for question list - Normal list - clicking a category takes you to a different page with FAQ list  
• Multiple FAQ list modes - All questions and answers on one page  
  
  
--------------  
  
how to exploit  
  
http://127.0.0.1/index.php?option=com_fss&view=faq&Itemid=4&catid=1&tmpl=component&faqid={sql}  
  
------------------------  
  
  
+++++++++++++++++++++++++++++++++++++++  
[!] Produced in South America  
+++++++++++++++++++++++++++++++++++++++  
  
`