---------------------------------------------------------
# Exploit Title: Design By Julyinfo. - SQL Injection Vulnerability
# Date: 2019-11-14
# Exploit Author: FreeBuzz Team
# Vendor Homepage: http://www.websmileindia.com/
# Team Mail : Frb@tutamail.com
# Tested on: Ubuntu
---------------------------------------------------------
Google Dork:
intext:"Design By Julyinfo" inurl:".php?id=
inurl:"/mana_php/" [This admin page you can find it then browser SQL parameters in Home page]
-
Demo:
http://www.realycorp.com.tw/works_detial.php?b_id=36[SQLi]
http://www.depoan.com/news-detial.php?newId=96[SQli]
https://www.twsgi.org.tw/news-detail.php?n_id=7998[SQli]
http://www.unionchemical.com.tw/products_list_food.php?level1_id=10[SQli]
http://www.labvolt-taiwan.com/new_info.php?b_id=24[SQLi]
----------------------------------------------------------
# Discovered by Unkn0wn[0x9a@protonmail.com]
# https://github.com/0x9a
# We Are : AloneGhost - VeNoM - Agent Haze - Old_One - Unkn0wn
FreeBuzz Team @ 2012-2019 [FRB]