G.T. cms sql injection Vulnerability

2017.08.21
ir Ashiyane Digital Security Team (IR) ir
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A
Dork: site:tw inurl:exec/product.php?lg=E

|=============================================================| |-------------------In The Name Of God------------------------| | | Exploit Title: G.T. cms sql injection Vulnerability | | Exploit Author: Ashiyane Digital Security Team | | Vendor Homepage: http://www.manufacture.com.tw/ | | Google Dork : site:tw inurl:exec/product.php?lg=E | | Tested on: Windows 10 ~~~> Google Chrome | | Date: 19/8/2017 | | default admin page : target/admin |====================================| | Proof : | | http://www.octece.com/exec/product.php?lg=E | | http://www.longtsan.com.tw/exec/product.php?lg=E | | http://www.jgh.com.tw/exec/product.php?lg=E | | http://www.tongshen.com.tw/exec/product.php?lg=E | | http://www.chinghuaorchids.com.tw/exec/product.php?lg=E | |=============================================================| | Discovered By : sir shahroukh |=============================================================|


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top