################################################################################??########
) T$ K2 x; Z0 w" v( a& z#
) E! V/ C* S7 d; J1 h# Exploit Title : Net Ways Cms Sql Injection Vulnerability - c, @ F1 F$ T4 Q9 h% }, w
# 0 B( D" j. j! J0 E9 f
# Author : IrIsT.Ir
* Y$ B3 E" x# ~, k#
; ^2 J/ T7 W, q, U2 t# Discovered By : Am!r ! ]7 V& r" [: t
# . o* l* s3 I- c* D# n+ Q
# Home : http://IrIsT.Ir/forum
9 h6 B: l2 v6 S2 K" F( j# Y#
6 S7 d9 s; d3 F( |1 p# J# Software Link : http://www.netways.com/ www.political-security.com
! \) U0 [ U* J ~#
9 U& h4 f$ L! p2 c# Security Risk : High 3 _# o, A2 d$ s7 v: \9 W
# ( G' p0 X7 R: I; J, @0 X
# Version : All Version 5 C' x! V+ {* @
#
4 U& d& ]' F+ q: s$ s$ S# Tested on : GNU/Linux Ubuntu - Windows Server - win7 ; D: l/ v ^; p% r4 ]: C
# & E# j/ c: [, k5 U: G- q
# Dork : intext:"Designed & developed by NetWays" 1 b& b2 O% m5 O/ R) M
#
% u; i( A& B6 N6 A% H################################################################################??########
" t8 @- \/ V0 d) J#
! Z2 o6 S; \! h# Expl0iTs :
2 H. M% Y G7 Y! x8 u3 p/ @- U3 B#
0 @+ N# C! [9 R# K4 K* D: u# http://target.com/news.php?id=[Sql] 2 Z; g/ z( u! q, s+ {/ f! p
# 8 E1 ^7 n, ] V! o! c7 q& }: W; e
# 9 ^3 k: c8 w. G3 q& N* C6 \4 j0 G
# D3mo :
2 F3 W( _0 N0 c: e' [#
4 Z) q. k% E7 y" b4 W* a7 i! |2 M# http://compagnieparento.com/news.php?id=7[Sql] 0 D+ ^! b: ^9 C7 X( c
# ; v2 G, e6 ~8 V8 ]+ F; o5 U6 ^( N
################################################################################??######## ' i, d6 {; k. ] E" t9 d2 c' Y. `
# 5 _% R% `5 v- ?' I7 q
# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r
4 d& K6 [- }( r# t' U# p3 q# 5 K$ W, A2 ~+ U, ]2 P3 ?. F0 h9 z
# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r
- S: y4 U* {% M9 N$ C& [, \# # g/ k0 M1 m" h" R
# Mr.Xpr & M.R.S.CO & Mr.Cicili & H-SK33PY & All Members In Www.IrIsT.Ir/forum
: N8 s' s( Q1 T: S. l# ! y3 I. ?9 K/ h) a; N' d
################################################################################??######## |