Candidate Resources Inc. web software suffers from an administrative bypass flaw.
685ea4431520ae34fd5c3a379c1216f2d30a9479cad58c7480b4453d76be45e6
google hack: "Powered by Candidate Resources Inc."
I MurderSkillz from g00ns.net have found a auth bypass in Candidate Resources Inc. web software.
Looks like there are different places on websies to login. Works for the login pages. Not much you can do but displays the admins info in the edit user page and edit some stuff..
user:pass
' or '
' or 'a'