################################################################################??########
7 s! f1 V9 z* h' R( G" F3 ~# . j8 L8 ?& `8 c$ I; \
# Exploit Title : Net Ways Cms Sql Injection Vulnerability
: o& U6 ]$ A0 V/ x8 u3 ^#
9 \0 u1 {& e6 u# Author : IrIsT.Ir , J! X& A3 S2 [$ H9 P
#
8 {7 k& s x! b) g3 k- J# Discovered By : Am!r 5 c( v3 l9 m0 {8 w# x9 o, P
#
, k9 s2 K; O1 i5 _8 |8 }# Home : http://IrIsT.Ir/forum 9 B( V6 n+ Z' }4 O
#
) p6 z6 H8 |0 @' e# Software Link : http://www.netways.com/ www.political-security.com
' P x% }- E; k4 c) _( v#
7 [0 [5 p+ D: G9 ^; }# Security Risk : High
8 k+ t U+ b$ h4 C$ Y# 0 N# x) Q, p, H! D0 ^% M
# Version : All Version
& j& K% D8 ?5 u# 5 W x, F$ ~( S7 }+ J
# Tested on : GNU/Linux Ubuntu - Windows Server - win7
. Z3 H& @) j" _- ^5 D! a6 T5 I#
9 m1 m6 D2 }8 Z7 A# e! p! `# Dork : intext:"Designed & developed by NetWays"
# U2 U: Y5 b9 D! `& [* H0 f# 2 O2 l/ N' ^0 L" j
################################################################################??########
C) g4 Q( B- G+ |. n2 o#
4 e; b7 r! Z9 v& V' \$ P H! O, G- p# Expl0iTs :
1 P, p! p( x1 k$ [#
: Y8 Q' z5 ]" S( H/ m. Y1 q# http://target.com/news.php?id=[Sql]
7 ] j* p4 ]% Z5 V& p0 N/ p t#
5 G# n) ` e3 Q4 ~2 j& |, y4 B# , C1 K) W* C( {, h5 M. c
# D3mo :
- \/ g! y1 L0 Q. \7 q# ' i* A. [8 k; S- p8 j8 b! K
# http://compagnieparento.com/news.php?id=7[Sql] / k* ^6 T" c5 s9 v9 U9 U% x" W
# 0 r9 q5 a3 H0 h8 T0 v8 J# _8 G
################################################################################??######## , z% c8 V& S' l$ M8 c& ]; ]
# . P6 _: m& j) n' A
# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r 3 J" {( n7 z4 K3 V5 p
#
T& }, l; Y4 w+ C8 X+ @6 ]# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r
4 D! S% a7 y% D: _9 m# - f2 d# ~6 T$ b# k! M/ u
# Mr.Xpr & M.R.S.CO & Mr.Cicili & H-SK33PY & All Members In Www.IrIsT.Ir/forum 8 g8 V+ f# d9 E# d# d3 l) T# \4 m. c
#
. Y" D! c1 x& U; O G0 v; @################################################################################??######## |