Thailand Government Sql İnjection Vulnerability

2018.02.12

SaruH4N (TR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: inurl:select_news.php?news_id=

################################################################################
# Exploit Title: Thailand Government Sql İnjection Vulnerability
# Author : SaruH4N & Turkhackteam.org
# Google Dork : inurl:select_news.php?news_id=
# Tested on : Kali Linux 2018.1 & Windows 10
# Date : 12.02.2018
# Blog : https://twitter.com/Saruhan_x
# Forum : http://www.turkhackteam.org
################################################################################
Tutorial :
[+] Dorking İn Google
[+] Do a sql injection scan on site
[+] Connect to Database, Sqlmap & Havij & Jsql
[+] Admin Entry = login_form.php
Demo Sql:
http://nongmaiphai.go.th/select_news.php?news_id=67
http://www.ponsongkram.go.th/select_news.php?news_id=334
http://khaokhaow.go.th/news.php?id_type=1
Greetz: ZoRRoKiN - lGECEGEZENl - KingTHT - FireHackTürk & ANKATİM

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Thailand Government Sql İnjection Vulnerability

Dork: inurl:select_news.php?news_id=

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.