Global Media Service SQL Injection

2012-01-28 / 2012-01-29

Credit: ITTIHACK

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: intext:\"Powered by GMS\"

GMS ( Global Media Service ) Remote SQLi Vulnerability
Software : Global Media Service
Date : 1/28/2012
Vendor : http://g-m-s.co.jp
Get App. : order here: http://g-m-s.co.jp/hp_fm.php?file_hp=index.php&page_no=7&data_id=38938
Dork : intext:"Powered by GMS"
Author : ITTIHACK
Home : http://ittihack.com
Vulnerable File : index.php
About : GMS ~ Global Media Services is a Japanese company established in 1991. It develops
web applications, security softwares, VPN services and more.
Exploit : http://site/GMS/index.php?page_no=[SQLi]
Login Page : http://site/GMS/log_in.php
Demo Sites : http://oa.g-m-s.co.jp/index.php?page_no=11
http://gms-web.com/index.php?page_no=5
http://www.tochiko.jp/group/index.php?page_no=7
#Greatz to: ___ ____ ____
#````______/```\__//```\__/____\
#``_/```\_/``:```````````//____\
#`/|``````:``:``..``````/ Reinie \
#|`|`````::`````::``````\````````/
#|`|`````:|`````||`````\`\______/
#|`|`````||`````||``````|\``/``|
#`\|`````||`````||``````|```/`|`\
#``|`````||`````||``````|``/`/_\`\
#``|`___`||`___`||``````|`/``/````\
#```\_-_/``\_-_/`|`____`|/__/``````\
#````````````````_\_--_/````\`````/
#```````````````/____```````````/
#``````````````/`````\`````````/
#``````````````\______\_______/

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Global Media Service SQL Injection

Dork: intext:\"Powered by GMS\"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.