Vendor: Gcms generator
By: Sid3^effects aKa HaRi
CVSS: 7,5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: Gcms generator
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

Gcms generator SQLi Vulnerability

Gcms generator is a mini-site CMS (content management system). An attacker can inject malicious code into the 'lang' parameter of the URL, which can be used to execute arbitrary SQL commands.

Mitigation:

Input validation should be used to prevent SQL injection attacks.
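
A sketch of that mitigation applied to the 'lang' parameter, as an added example (not code from the advisory or from Gcms generator): the value is checked against an allow-list and then bound as a query parameter. The pages table, the en/fr language set and the function names are assumptions made for illustration; the sample rows are constructed.

```python
import sqlite3

# Assumption: the languages the site actually ships; the advisory does not list them.
ALLOWED_LANGS = {"en", "fr"}
DEFAULT_LANG = "en"


def normalize_lang(raw):
    """Return an allow-listed language code, or the default for anything else."""
    if isinstance(raw, str) and raw in ALLOWED_LANGS:
        return raw
    return DEFAULT_LANG


def load_page(conn, slug, raw_lang):
    """Fetch a page title; both values are bound, never concatenated into SQL."""
    lang = normalize_lang(raw_lang)
    row = conn.execute(
        "SELECT title FROM pages WHERE slug = ? AND lang = ?",
        (slug, lang),
    ).fetchone()
    return lang, (row[0] if row else None)


def demo_db():
    """Build an in-memory database with constructed rows (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pages (slug TEXT, lang TEXT, title TEXT)")
    conn.executemany(
        "INSERT INTO pages VALUES (?, ?, ?)",
        [("home", "en", "Welcome"), ("home", "fr", "Bienvenue")],
    )
    return conn


if __name__ == "__main__":
    conn = demo_db()
    # Constructed inputs: a valid code, a wrong-case code, a value with SQL
    # metacharacters, and a missing parameter.
    for raw in ["fr", "FR", "en' --", None]:
        print(repr(raw), "->", load_page(conn, "home", raw))
```

The allow-list alone already keeps unexpected values out of the query; binding the parameter means that even a value that slipped past validation is compared as data rather than parsed as SQL.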

Exploit-DB raw data:

1               ##########################################             1
0               I'm Sid3^effects member from Inj3ct0r Team             1
1               ##########################################             0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Name : Gcms generator SQLi Vulnerability
Date : june, 21 2010
Critical Level 	: HIGH
Vendor Url : http://www.laubrotel.com/gcms/demo/
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz 
#######################################################################################################
Description:
Gcms generator is a mini-site version CMS (content management).

With this tool, you can create an unlimited number of mini-sites independent of each other; each mini-site has its own administration interface. For each site created, a directory "site" is created, which allows you to point a domain name directly at the site.
#######################################################################################################
Xploit: SQLi Vulnerability 

DEMO URL 
   http://server/?lang=[inject code]
###############################################################################################################
# 0day no more 
# Sid3^effects