Non si hanno ancora maggiori informazioni riguardo questa vulnerabilità di tipo Blind SQL Injection.
-------------
Joomla Component (com_quickfaq) BSQL-i Vulnerability
------------------------
[+]Title Joomla Component (com_quickfaq) BSQL-i
Vulnerability
[+]Author **RoAd_KiLlEr**
[+]Tested on Win Xp Sp 2/3
---------------------------------------------------------------------------
[~] Vendor: http://www.schlu.net
[~] Download
Application:http://www.schlu.net/downloads/16-component/77-quickfaq.html
[~] Version: 1.0.3
==========ExPl0iT3d by **RoAd_KiLlEr**==========
[+]Description:
QuickFAQ is an easy to use but powerful FAQ management system.
Feature List:
* Unlimited Subcategories
* Assign FAQ Items to multiple Categories
* Create Tags/Labels to flag FAQ Items
* Up/down voting of FAQ Items
* Favoure FAQ Items to maintain a personal bookmark list
* Document uploader/manager
* PDF creation of FAQ Items
* RTL support
* RSS/ATOM Feeds
* Detailed statistics
* JComments and JomComments integration
=========================================
[+] Dork: inurl:"com_quickfaq"
==========================================
[+]. SQL-i Vulnerability
=+=+=+=+=+=+=+=+=+
[Exploit]:
http://127.0.0.1/path/index.php?option=com_quickfaq&view=category&cid=[Vali
d Cid]&Itemid= [BSQL-Injection]
