G.CMS Generator - SQL Injection

EDB-ID:

13954

CVE:

2010-2438

EDB Verified:

Author:

Sid3^effects

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2010-06-21

Vulnerable App:

1               ##########################################             1
0               I'm Sid3^effects member from Inj3ct0r Team             1
1               ##########################################             0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Name : Gcms generator SQLi Vulnerability
Date : june, 21 2010
Critical Level 	: HIGH
Vendor Url : http://www.laubrotel.com/gcms/demo/
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz 
#######################################################################################################
Description:
Gcms generator is a mini-site version CMS (content management).

With this tool, you can create an unlimited number of mini-site independent of each other, each mini-site has its own administration interface. For each site created a directory "site" is created, which allows you to point a domain name directly on the site
#######################################################################################################
Xploit: SQLi Vulnerability 

DEMO URL 
   http://server/?lang=[inject code]
###############################################################################################################
# 0day no more 
# Sid3^effects

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services