#Exploit Title: MINMAX – SQL Injection vulnerability
#Date: 2020-07-07
#Exploit Author: Mostafa Farzaneh
#Vendor Homepage: https://minmax.biz
#Google Dork: "Designed by MINMAX"
#Category:webapps
#Tested On: windows 10, Firefox
#Software Link : https://minmax.biz
#CWE: CWE-89
 
Proof of Concept:
1-Search google Dork: "Designed by MINMAX"
Demo: https://www.dama.com.tw/newsDia.php?d=19 [Sql Injection vulnerability]
Demo: https://www.sunnybeautyclinic.com.tw/newsDia.php?cls=N000001&id=93 [Sql Injection vulnerability]
Demo: https://www.niken.com.tw/newsDia.php?id=94 [Sql Injection vulnerability]

********************************************************* 
#Discovered by: Mostafa Farzaneh from PywebSecurity  team
#Telegram: @pyweb_security
*********************************************************