################################################################################??########
$ `4 u) q* ^- Y# q) j; s#
& N2 x4 `" x. g* E4 K% N# Exploit Title : Net Ways Cms Sql Injection Vulnerability
/ w) I, s+ v, U( z* _- H" F" `#
& V1 S6 K. `$ ^- s( o# Author : IrIsT.Ir - V# R0 V: o f" W$ J2 O+ f
# , D6 b9 x, a- r/ y. r) ^
# Discovered By : Am!r
* [0 g7 q1 U- L5 N#
% Z7 e C3 A. Y# Home : http://IrIsT.Ir/forum
}9 y+ l3 ?+ |# {1 t, n: R#
# p8 h. U# X' T5 l* |8 L6 J# Software Link : http://www.netways.com/ www.political-security.com
. O( {. z4 J) G* Y+ B8 j# $ d2 B6 i/ [4 N
# Security Risk : High / h9 m. k2 Z5 `5 x5 u5 i6 W" |1 i
# 1 R. O9 h" C5 k8 c: |; N
# Version : All Version
. T+ t- n1 U# p4 `) [1 M& R#
% t+ V' f; ~% J3 O# Tested on : GNU/Linux Ubuntu - Windows Server - win7 # B# Q) T5 _5 F: b! s3 f
#
6 L% d$ J6 G2 D% m8 Z3 B# B# Dork : intext:"Designed & developed by NetWays"
8 `1 j: H, p: K) Y! w: n1 [#
0 ]$ L+ j' V2 a" C3 f################################################################################??########
4 t; W( e7 f) @7 w- |#
# w" g4 M( `! E C/ Z# Expl0iTs : * z; D# b" A4 S
# : ^3 L5 M' a3 S0 ]/ V: j
# http://target.com/news.php?id=[Sql]
% z S, T( u7 l9 u: _& n1 Q; q# 0 C2 f8 m6 p( H
# + j* J9 G1 ?5 I
# D3mo :
) a6 N' i/ m! ]/ R$ ?% z% o0 ]#
; c' l6 X C3 |& X& J0 a9 N+ S# http://compagnieparento.com/news.php?id=7[Sql]
5 Y q! S$ v, z) I/ x# ; Y1 o9 V9 {0 p; W! z) P4 C% w1 K5 y
################################################################################??########
' P: I7 q* X4 ~: B) {3 l( A# ) x3 Y# i( x8 b' M3 t+ d2 D) M
# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r * M+ h0 Y1 M9 F/ A0 y+ d
#
0 b* t" g2 u8 g$ Y7 m; ?# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r
( n, ^" G( g$ n; p- x# 1 F& @7 N% T# a0 S) C
# Mr.Xpr & M.R.S.CO & Mr.Cicili & H-SK33PY & All Members In Www.IrIsT.Ir/forum
~ I/ k" D3 f3 F$ h. b#
0 P, w/ o9 r! |$ E################################################################################??######## |