The Joomla QuickFAQ component suffers from a remote blind SQL injection vulnerability.
6280ac5895183ed33ffbd1868c9cca6bec2c365067bc14fd65c527924e256939-----------------------------------------------------------------------------------------
Joomla Component (com_quickfaq) BSQL-i Vulnerability
-----------------------------------------------------------------------------------------
[+]Title Joomla Component (com_quickfaq) BSQL-i Vulnerability
[+]Author **RoAd_KiLlEr**
[+]Contact RoAd_KiLlEr[at]Khg-Crew[dot]Ws
[+]Tested on Win Xp Sp 2/3
---------------------------------------------------------------------------
[~] Founded by **RoAd_KiLlEr**
[~] Team: Albanian Hacking Crew
[~] Contact: RoAd_KiLlEr[at]Khg-Crew[dot]Ws
[~] Home: http://inj3ct0r.com
[~] Vendor: http://www.schlu.net
[~] Download Application:http://www.schlu.net/downloads/16-component/77-quickfaq.html
[~] Version: 1.0.3
==========ExPl0iT3d by **RoAd_KiLlEr**==========
[+]Description:
QuickFAQ is an easy to use but powerful FAQ management system.
Feature List:
* Unlimited Subcategories
* Assign FAQ Items to multiple Categories
* Create Tags/Labels to flag FAQ Items
* Up/down voting of FAQ Items
* Favoure FAQ Items to maintain a personal bookmark list
* Document uploader/manager
* PDF creation of FAQ Items
* RTL support
* RSS/ATOM Feeds
* Detailed statistics
* JComments and JomComments integration
=========================================
[+] Dork: inurl:"com_quickfaq"
==========================================
[+]. SQL-i Vulnerability
=+=+=+=+=+=+=+=+=+
[Exploit]: http://127.0.0.1/path/index.php?option=com_quickfaq&view=category&cid=[Valid Cid]&Itemid= [BSQL-Injection]
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed