TWE CMS suffers from a remote SQL injection vulnerability.
f1f0355cdf1a8a35b7d3e9a315b67779df67052cbd13d6c00b34f654fd2788b6
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- In The Name Of God -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
--------------------------------------------------------------------------------
@ TWE CMS SQL Injection Vulnerability
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
# Name:TWE CMS SQL Injection Vulnerability
# Vendor: http://www.thaiwebeasy.com/
# Date: 2012-09-11
# Author: Ashiyane Digital Security Team
# Thanks to: 1337day.com
# Contact: MojiRider[at]YaHoo[Dot]com
# Home: www.ashiyane.org/forums/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
[+] Dork: intext:TWE Content Management System
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
[+] Vulnerabilities ~>
[+] Vulnerability: http://127.0.0.1/news.php?news_id='SQL'
[+] Vulnerability2: http://127.0.0.1/menu_detail.php?menu_id='SQL'
[+] Demo : http://www.thaiwebeasy.com/news.php?news_id=54
--------------------------------------------------------------------------------
[+] Admin Page(s) : http://127.0.0.1/manage
===========================================================================
@ Gr33tz:
@ Ashiyane Members :
@ Behrooz_Ice,Q7x,Virangar,Iman_taktaz,Ali_eagle,Keivan,ruin3r,Hijacker,Rz04
@ Taghva,M3QD4D,PrinceOfHacking,Hidden-Hunter,elvator,unique2world
@ Gladiator,Encoder,mmilad200,n3me3iz,Classic,r3d.z0n3,Zend,milad-bushehr,HidDeEn,Unline
@ Angel--D3m0n,BEHR0Z,Stanic2000, *Alexander* ,A.S.P.I.R.I.N,Kaz3m, Azad , AR455
And All Ashiyane C0ders
===========================================================================
ASHIYANE DIGITAL SECURITY TEAM
WE LOVE IRAN
Persian Gulf For Ever
<<./By MojiRider >>