Hloun Support Management System 3.0 SQL Injection / Bypass

Hloun Support Management System version 3.0 suffers from authentication bypass and remote SQL injection vulnerabilities. fixhashuser$COOKIE'onlineadmin'; $userquery = "SELECT FROM member WHERE username='".$memberhash'username'."' AND password='".$memberhash'password'."'"; $member =...