SARMANSOFT SQL - NO-REDİRECT PoC
2024-3-21 00:49:48 Author: cxsecurity.com

I found a no-redirect vulnerability and an SQL vulnerability on some websites prepared with Sarmansoft. In the first example, you can add the "and" "or" parameter and execute your own queries, apart from the database's own query.

SQL İNJ (SLEEP) EXAMPLE: https://passionturkey.com/neler.php?id=9%20AND%20(SELECT%20*%20FROM%20(SELECT(SLEEP(5)))nQIP)

NO-REDİRECT EXAMPLE: https://uyarlar.com.tr/admin/index.php
Replace the address with: /admin/anasayfa_ayarlari.php

To find more websites // "® Software & Technology | Sarman Soft Software and Technology Services"

My Contact Address: [email protected]
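The two issue classes reported above map to two server-side fixes, sketched here as an added example that is not Sarmansoft's code or part of the original advisory. It assumes the `id` parameter reaches the query as text and that the admin scripts either skip the session check or keep rendering after sending a redirect; the table, column and session-key names are hypothetical.

```php
<?php
declare(strict_types=1);
// Added illustration; table, column and session-key names are assumptions.

/** Accept only a positive integer id; anything else (e.g. "9 AND ...") is rejected. */
function parse_id(?string $raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Look the row up with a bound parameter so input never becomes SQL text. */
function fetch_item(PDO $pdo, int $id): ?array
{
    $stmt = $pdo->prepare('SELECT id, title FROM items WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

/** Call first in every admin script, not only in index.php. */
function require_admin(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION['admin_id'])) {
        header('Location: /admin/index.php', true, 302);
        exit; // stop here: a Location header alone does not stop the page body
    }
}

// Constructed demo on an in-memory SQLite database (needs pdo_sqlite), CLI only.
if (PHP_SAPI === 'cli') {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE items (id INTEGER PRIMARY KEY, title TEXT)');
    $pdo->exec("INSERT INTO items (id, title) VALUES (9, 'sample')");

    foreach (['9', '9 AND (SELECT 1)', '-1', null] as $raw) {
        $id = parse_id($raw);
        $row = $id === null ? null : fetch_item($pdo, $id);
        printf("%-20s => %s\n", var_export($raw, true), $row ? $row['title'] : 'rejected (HTTP 400)');
    }
}
```

With a MySQL backend, also set `PDO::ATTR_EMULATE_PREPARES` to `false` so the statement is prepared by the server rather than interpolated client-side.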



 



Source: https://cxsecurity.com/issue/WLB-2024030050