################################################################################??########
( W0 o; K7 H5 I E; k5 Y#
9 R6 e+ F# v+ Z; b# Exploit Title : Net Ways Cms Sql Injection Vulnerability
/ [& c8 d! C Z _: D2 G#
. ~( L$ ~% ]- K8 G# Author : IrIsT.Ir ) Q, w) {$ |# z7 t; r/ o9 z3 `
# . B8 C. W Q! I! O6 U6 s* d7 Y
# Discovered By : Am!r # V9 ^3 J& x' r
# * k, m5 U9 @( Y/ X m8 A$ n
# Home : http://IrIsT.Ir/forum `9 @0 K+ S$ s) C; f
#
3 i3 T4 y5 V4 Y0 q T# Software Link : http://www.netways.com/ www.political-security.com
3 F3 R6 C$ v6 N1 W#
. R) J. X& v2 [" K6 f5 ?9 u, g/ T) Z# Security Risk : High
, j0 _% H; e& u& L" i# ! Z/ o' n( Z/ f2 {& A0 E, p
# Version : All Version , n- ]3 n, @( a$ f
# # [" r! R% K( Y4 ^' B$ D+ J9 v$ o
# Tested on : GNU/Linux Ubuntu - Windows Server - win7 . d' {4 _" o2 `, f2 e7 R' P% P u
# ! U, G. A- Y4 H* Z
# Dork : intext:"Designed & developed by NetWays"
9 ]* h; d: L6 p4 E- S/ {# . b1 ^+ e9 |2 J2 p9 k- i, t$ ?
################################################################################??########
( t2 l/ H$ x4 G N+ p#
# D/ g2 g/ N& T: I" |/ |, z! ]) O4 h# Expl0iTs : & s1 T* ^" _: ^. r
#
. u* t' N. Z* |! @1 W6 r8 a# http://target.com/news.php?id=[Sql] 8 Z& C5 N: k) Q% h" O0 l3 C
# ; z$ ~2 e, @. T0 d2 V, L
#
9 w& o0 v! t, Y, Q4 E; w6 ~# D3mo : 4 c) S) y+ a D
# & G. K0 R0 v7 P' H5 R
# http://compagnieparento.com/news.php?id=7[Sql] * E4 p. c% e; A
#
7 s5 E, z5 g9 ]) S% Z* y################################################################################??########
" D0 k e4 G2 }) f, M) G#
m( y* h2 o! A5 t5 l# Greats : B3HZ4D - nimaarek - Dead.Zone - C0dex - SpooferNinja - TaK.FaNaR - Nafsh - BestC0d3r 7 K1 j) j; q/ a; j
#
( _! ? a7 |- V/ B& d* C4 g# |# 0x0ptim0us - TaK.FaNaR - m3hdi - F@rid - Siamak.Black - H4x0r - dr.tofan - skote_vahshat - d3c0d3r 6 B$ Z; v: |: z2 F
#
0 M. h# w v3 k! N# Mr.Xpr & M.R.S.CO & Mr.Cicili & H-SK33PY & All Members In Www.IrIsT.Ir/forum
6 } W- u) E! f, q# V5 q4 E% T" {4 p9 c* ^
################################################################################??######## |