Homepages Admin SQL Injection

Homepages Admin suffers from a remote SQL injection vulnerability that allows for authentication bypass. An attacker can then upload a php shell.