This exploit demonstrates an authentication bypass via SQL injection in Huron CMS 8 11 2007. By injecting 'or 1=1/* into the username and password fields, an attacker can bypass authentication and log in as an administrator.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Huron CMS 8 11 2007
No auth needed
Prerequisites:Access to the login page of Huron CMS