XtremeASP PhotoGallery Adminlogin.ASP SQL Injection Vulnerability

XtremeASP PhotoGallery Adminlogin.ASP SQL Injection Vulnerability

The following proof of concept has been supplied:

http://www.example.com/photoalbum/admin/adminlogin.asp

If we type:

Username: 'or'
Password: 'or'

We gain admin access about the password protected
administrative pages.