################################################################################??########
: G2 u' O. i! M. @* W#
I ^: F) {/ H {# Exploit Title : Net Ways Cms Sql Injection Vulnerability 6 U( F) C& L) h( o. w2 W
#
3 H! b0 i `# [# A- {# R# Author : IrIsT.Ir 1 U6 A: A/ I/ Y
# 2 ]( q9 `7 h3 S$ T
# Discovered By : Am!r % [" V) r1 P7 T4 c5 x+ _
#
; c, k) ~3 a4 y% B# Home : http://IrIsT.Ir/forum
# S( t f- `# J9 v6 N. |! a' k- S5 _. @#
) T( e2 Q2 X3 ^3 y$ J0 F Y- [- m# Software Link : http://www.netways.com/ www.political-security.com
- c1 V! M; `) i2 b4 [# * X, x ]# Q* i/ x- y, v: _5 u# x' H
# Security Risk : High
0 d& r" G* r3 ?- [#
1 P. v- T5 |+ g* h/ x$ T/ b# Version : All Version " K7 W. z$ O1 a; B
#
$ q+ v' K8 Y' `/ F( \6 t# Tested on : GNU/Linux Ubuntu - Windows Server - win7
0 q& A8 J+ N$ ]; X+ L. \# : j$ q U* A: K: C' H8 X
# Dork : intext:"Designed & developed by NetWays"
' \: s+ m- W( m) V/ x# F#
! M1 |7 o) Y. E5 a* y################################################################################??######## # M8 B$ U* T$ t! T, p/ T! ~
#
2 C. w; n' T8 o b+ E5 b% B$ m2 W( x# Expl0iTs :
! @* f m( B f2 `0 C7 F# " y) V1 Q$ r( K5 Z$ k; h
# http://target.com/news.php?id=[Sql]
* I* g) a* l* u% l. U& o# + ]* Y7 e, `2 ~+ t; n
# 0 D6 C) S1 f- E( c. N4 T
# D3mo : ( O' Y; ]# T, @5 u, T, g5 [9 ]/ J1 {/ a
#
; N" h# O) h* z6 z. F! e# http://compagnieparento.com/news.php?id=7[Sql]
9 v) G; d. s# ~6 e, x% p# 9 K8 Z a- Z7 h$ L2 |
################################################################################??######## 5 H* ~8 f/ _! s: `; z; S
#
5 E4 @! }* O6 K6 D( H; X# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r 0 }5 h/ d9 g/ p. L: r3 ?( v
# 8 O; W- N. h' O8 x$ |- @' D
# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r
9 q0 a. C } G* l+ ]6 m#
0 G _2 L m" _- p2 W# Mr.Xpr & M.R.S.CO & Mr.Cicili & H-SK33PY & All Members In Www.IrIsT.Ir/forum
" @1 \2 G4 Z, f1 B#
: b$ a/ {1 \" @! z9 J8 d8 |################################################################################??######## |