################################################################################??########
. e) ^0 V# \ v3 \4 N#
& y' h9 K: l& p/ h. c# Exploit Title : Net Ways Cms Sql Injection Vulnerability
, e; P0 i# s. A- \5 A#
9 M, A2 q+ O0 w- z* J; r. _8 l# Author : IrIsT.Ir
+ p. B0 |1 ^, G! {4 S' M6 B# " F d7 d1 Y9 w l: p3 J. o
# Discovered By : Am!r
^7 g! b, X, S#
) Y/ Q* b* |2 A' ]0 w5 v# Home : http://IrIsT.Ir/forum
4 _7 C. g. O! O3 C! N) M# 3 c Y9 K* S% |2 p, a' T8 l% D8 m
# Software Link : http://www.netways.com/ www.political-security.com
0 d" G: U4 ?! U" a7 d7 |0 N3 S#
5 @/ T4 k' R* Z2 O z# Security Risk : High 5 N! h7 h# ?2 F) e- V
#
/ J, `3 s g [' Y7 R# Version : All Version " e4 v7 T) Z" Z; k
#
4 _# r/ t9 i, g Q# Tested on : GNU/Linux Ubuntu - Windows Server - win7 . t- E3 I! X9 K9 z/ O0 l. Y# E
# ; w5 o9 t$ c$ h1 [6 ]
# Dork : intext:"Designed & developed by NetWays" , Y% Q6 i% {: |
#
' z$ E! n- }; ~& I1 Z b# T################################################################################??########
: M1 C. m) R; S3 b2 v' l# $ D6 Y& _' @ e
# Expl0iTs : ! W4 h+ A6 s+ ^% C
#
7 I ^* }6 v) z# a' Y# http://target.com/news.php?id=[Sql] ) R+ I# _( @. c
# 7 {/ M% B% ^" D1 C( {: ^$ K9 Z
# ; g; M7 H. b- u6 D' z; S W
# D3mo :
% ^ a$ k' |' W6 l/ p% B" b( |. R#
3 @- `. ~6 G. [( S: s( m( D' Y# http://compagnieparento.com/news.php?id=7[Sql] 5 Y) X' @, i+ _) l ?: T9 X# X; u
#
) ]$ e, R8 b* H7 h! w8 ?. o################################################################################??######## 6 [8 z& Y0 |9 ^. }+ ]5 h
# 4 o& O7 m U5 t, t
# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r 3 @/ Q- T- ? A4 v# J' \' {# x
#
$ p$ q, g o* {- {/ T# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r
# J. D+ U2 ~$ v* @3 H# - L% f- k7 h+ n0 q
# Mr.Xpr & M.R.S.CO & Mr.Cicili & H-SK33PY & All Members In Www.IrIsT.Ir/forum
+ H7 a% S0 R9 {#
7 N1 v0 o! s0 s# r! h, ?# t2 m################################################################################??######## |