#Exploit Title: MINMAX – SQL Injection vulnerability #Date: 2020-07-07 #Exploit Author: Mostafa Farzaneh #Vendor Homepage: https://minmax.biz #Google Dork: "Designed by MINMAX" #Category:webapps #Tested On: windows 10, Firefox #Software Link : https://minmax.biz #CWE: CWE-89 Proof of Concept: 1-Search google Dork: "Designed by MINMAX" Demo: https://www.dama.com.tw/newsDia.php?d=19 [Sql Injection vulnerability] Demo: https://www.sunnybeautyclinic.com.tw/newsDia.php?cls=N000001&id=93 [Sql Injection vulnerability] Demo: https://www.niken.com.tw/newsDia.php?id=94 [Sql Injection vulnerability] ********************************************************* #Discovered by: Mostafa Farzaneh from PywebSecurity team #Telegram: @pyweb_security *********************************************************