# Exploit Title: IMP XForm v2.0 DatalifeEngine Module SQL Injection
# Exploit Author: Hesam Bazvand
# Software Link: http://www.datalifeengine.ir/download/1396/IMP.XForm.v2.0.zip
# Test # Exploit Title: IMP XForm v2.0 DatalifeEngine Module SQL Injection
# Exploit Author: Hesam Bazvand
# Software Link: http://www.datalifeengine.ir/download/1396/IMP.XForm.v2.0.zip
# Tested on: Windows 10 / Kali Linux
# Category: WebApps
# Dork : inurl:xform/1.html OR inurl:xform/2.html and etc...
# Email : Black.king066@gmail.com
Exploit : Insert '"1 In Email Form and Enjoy It :D
Request : https://i.imgur.com/6MjOoYF.jpg
Response : https://i.imgur.com/Pbsr5iq.jpg
POC Targets :
http://payamclub.ir/xform/1.html
http://p-it.ir/xform/1.html
http://www.dlestore.ir/xform/2.html
http://www.muslimstudents.ir/xform/2.html
http://bandarabadan10000.ir/xform/1.html
http://www.ghaem125.ir/xform/1.html
IMP XForm 2.0 DatalifeEngine SQL Injection
- Details
- Written by: khalil shreateh
- Category: Vulnerabilities
- Hits: 391