Joomla Component (com_quickfaq) BSQL-i Vulnerability

2010.07.27
Risk: High
Local: No
Remote: Yes
CWE: CWE-89


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

----------------------------------------------------------------------------------------- Joomla Component (com_quickfaq) BSQL-i Vulnerability ----------------------------------------------------------------------------------------- [+]Title Joomla Component (com_quickfaq) BSQL-i Vulnerability [+]Author **RoAd_KiLlEr** [+]Contact RoAd_KiLlEr[at]Khg-Crew[dot]Ws [+]Tested on Win Xp Sp 2/3 --------------------------------------------------------------------------- [~] Founded by **RoAd_KiLlEr** [~] Team: Albanian Hacking Crew [~] Contact: RoAd_KiLlEr[at]Khg-Crew[dot]Ws [~] Home: http://inj3ct0r.com [~] Vendor: http://www.schlu.net [~] Download Application:http://www.schlu.net/downloads/16-component/77-quickfaq.html [~] Version: 1.0.3 ==========ExPl0iT3d by **RoAd_KiLlEr**========== [+]Description: QuickFAQ is an easy to use but powerful FAQ management system. Feature List: * Unlimited Subcategories * Assign FAQ Items to multiple Categories * Create Tags/Labels to flag FAQ Items * Up/down voting of FAQ Items * Favoure FAQ Items to maintain a personal bookmark list * Document uploader/manager * PDF creation of FAQ Items * RTL support * RSS/ATOM Feeds * Detailed statistics * JComments and JomComments integration ========================================= [+] Dork: inurl:"com_quickfaq" ========================================== [+]. SQL-i Vulnerability =+=+=+=+=+=+=+=+=+ [Exploit]: http://127.0.0.1/path/index.php?option=com_quickfaq&view=category&cid=[Valid Cid]&Itemid= [BSQL-Injection]

References:

http://xforce.iss.net/xforce/xfdb/60236
http://www.securityfocus.com/bid/41508
http://www.exploit-db.com/exploits/14296
http://packetstormsecurity.org/1007-exploits/joomlaquickfaq-sql.txt


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top