ICS Site Building / SQL Injection Vulnerability in Search Bar

# Exploit Title:  " ICS Site Building " / SQL Injection Vulnerability in Search Bar
#-----------------------------------------------------------------------------------------
# Exploit Author:  Mehdi Razmjoo ( razmjumehdi@gmail.com )
#-----------------------------------------------------------------------------------------
# Date: 2018.4.10
#-----------------------------------------------------------------------------------------
# Vendor Homepage: http://www.ics4u.com/
#-----------------------------------------------------------------------------------------
# CWE:  CWE-89
#-----------------------------------------------------------------------------------------
# Category: Web Application
#-----------------------------------------------------------------------------------------
#Dork: -
#-----------------------------------------------------------------------------------------
# Vulnerability Path:   http://Server/news.php?cat=22&in=0
#-----------------------------------------------------------------------------------------
#Tested On:  Kali Linux ( Firefox )
#-----------------------------------------------------------------------------------------
# Description:
#
# The vulnerability allows an attacker to inject sql commands. A bad guy might injects commands from "Search Bar".
#-----------------------------------------------------------------------------------------
#