#Exploit Title: REPLICA WATCHES – SQL Injection vulnerability
#Date: 2020-07-07
#Exploit Author: Mostafa Farzaneh
#Google Dork: "DESENVOLVIDO POR REPLICA WATCHES"
#Category:webapps
#Tested On: windows 10, Firefox
#CWE: CWE-89
Proof of Concept:
1-Search google Dork: "DESENVOLVIDO POR REPLICA WATCHES"
Demo: http://www.projetest.com.br/categorias.php?id=5 [Sql Injection vulnerability]
Demo: http://passosararas.com.br/product.asp?k=0UtiY20BZorx4bamPKk17iZ596EhsN50j3FtgC016CXc [Sql Injection vulnerability]
Demo: http://intercambioharmoniabrasiljapao.com/?p=lerTodas&cod=5 [Sql Injection vulnerability]
*********************************************************
#Discovered by: Mostafa Farzaneh from PywebSecurity
#Telegram: @pyweb_security
*********************************************************