Description
SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL commands via the lang parameter to the default URI, probably index.php.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Sid3^effects · textwebappsphp
https://www.exploit-db.com/exploits/13954
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/59621
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/13954
Scores
EPSS
0.0010
EPSS Percentile
27.8%
Details
CWE
CWE-89
Status
published
Products (1)
laubrotel/g.cms_generator
Published
Jun 24, 2010
Tracked Since
Feb 18, 2026