Joomla QuickFAQ Blind SQL Injection

2010-07-09T00:00:00
ID PACKETSTORM:91642
Type packetstorm
Reporter RoAd_KiLlEr
Modified 2010-07-09T00:00:00

Description

                                        
                                            `-----------------------------------------------------------------------------------------  
Joomla Component (com_quickfaq) BSQL-i Vulnerability  
-----------------------------------------------------------------------------------------  
[+]Title Joomla Component (com_quickfaq) BSQL-i Vulnerability  
[+]Author **RoAd_KiLlEr**  
[+]Contact RoAd_KiLlEr[at]Khg-Crew[dot]Ws  
[+]Tested on Win Xp Sp 2/3  
---------------------------------------------------------------------------  
[~] Found by **RoAd_KiLlEr**  
[~] Team: Albanian Hacking Crew  
[~] Contact: RoAd_KiLlEr[at]Khg-Crew[dot]Ws  
[~] Home: http://inj3ct0r.com  
[~] Vendor: http://www.schlu.net  
[~] Download Application: http://www.schlu.net/downloads/16-component/77-quickfaq.html  
[~] Version: 1.0.3  
==========ExPl0iT3d by **RoAd_KiLlEr**==========  
  
[+]Description:  
QuickFAQ is an easy to use but powerful FAQ management system.  
  
Feature List:  
* Unlimited Subcategories  
* Assign FAQ Items to multiple Categories  
* Create Tags/Labels to flag FAQ Items  
* Up/down voting of FAQ Items  
* Favour FAQ Items to maintain a personal bookmark list  
* Document uploader/manager  
* PDF creation of FAQ Items  
* RTL support  
* RSS/ATOM Feeds  
* Detailed statistics  
* JComments and JomComments integration  
=========================================  
  
[+] Dork: inurl:"com_quickfaq"  
  
==========================================  
  
  
[+]. SQL-i Vulnerability  
=+=+=+=+=+=+=+=+=+  
  
[Exploit]: http://127.0.0.1/path/index.php?option=com_quickfaq&view=category&cid=[Valid Cid]&Itemid= [BSQL-Injection]  
  
`
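
Added example, not part of the original advisory and not the component's own code: a log check for the request shape named above, flagging com_quickfaq requests whose cid or Itemid value is not a plain integer ID. It assumes Apache/nginx combined-format access logs and that cid may legitimately use Joomla's id:alias slug form; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters named in the advisory. Assumption: both are integer IDs, and cid
# may also appear in Joomla's "id:alias" slug form.
PATTERNS = {
    "cid": re.compile(r"\d+(?::[\w-]+)?"),
    "Itemid": re.compile(r"\d+"),
}
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_params(url):
    """Return {param: decoded value} for com_quickfaq ID params that are not IDs."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    if "com_quickfaq" not in query.get("option", []):
        return {}
    bad = {}
    for name, pattern in PATTERNS.items():
        for value in query.get(name, []):
            # Empty values are ignored; anything else must match fully.
            if value and not pattern.fullmatch(value):
                bad[name] = value
    return bad

def scan(lines):
    """Return (line number, client address, offending params) per flagged line."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        bad = suspicious_params(match.group(1))
        if bad:
            hits.append((lineno, line.split()[0], bad))
    return hits

# Constructed sample log lines (documentation address ranges).
BASE = "/index.php?option=com_quickfaq&view=category"
SAMPLE_LOG = [
    f'192.0.2.10 - - [09/Jul/2010:10:00:01 +0000] "GET {BASE}&cid=3&Itemid=12 HTTP/1.1" 200 5120',
    f'192.0.2.10 - - [09/Jul/2010:10:00:05 +0000] "GET {BASE}&cid=3:general&Itemid=12 HTTP/1.1" 200 5120',
    f'198.51.100.7 - - [09/Jul/2010:10:02:11 +0000] "GET {BASE}&cid=3&Itemid=12%20AND%201%3D1 HTTP/1.1" 200 5120',
    f'198.51.100.7 - - [09/Jul/2010:10:02:12 +0000] "GET {BASE}&cid=3&Itemid=12%27 HTTP/1.1" 200 2048',
    '192.0.2.10 - - [09/Jul/2010:10:03:00 +0000] "GET /index.php?option=com_content&id=5&Itemid=abc HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for lineno, client, bad in scan(SAMPLE_LOG):
        print(f"line {lineno}: {client} -> {bad}")
```

The same allow-list (digits only for Itemid) is what a WAF rule or an input filter in front of the component would enforce until the component is patched or removed.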