Vulnerability Development mailing list archives

Simple CMS


From: daaan () gmail com
Date: 2 Aug 2006 11:14:43 -0000

The CMS from http://www.cms-center.com/ uses no security at all, just a boolean "isloggedin". If you submit "loggedin=1" in the URL of any of the admin pages, you get full control.

Proof:

1. Google for "powered by php mysql simple cms"
2. Type "admin/config_pages.php?loggedin=1" behind the URL
3. Done. It works on every admin page that uses the so-called auth.php.

I tried to contact the author, but I was unable to find ANY contact info.
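
The flaw reported above, next to a server-side replacement, as an added example that is not part of the original post or the CMS's code. The post does not show auth.php, so `is_admin_weak` is a hypothetical reconstruction of a check that trusts a request parameter; all function names and the demo data are assumptions.

```php
<?php
declare(strict_types=1);

// Flawed pattern (hypothetical reconstruction): the flag is read from request
// input, so whoever builds the URL decides whether they are logged in.
function is_admin_weak(array $request): bool
{
    return !empty($request['loggedin']);
}

// Hardened check: only server-side session state is consulted; request
// parameters are never passed to it.
function is_admin(array $session): bool
{
    return ($session['loggedin'] ?? false) === true;
}

// The flag is set in exactly one place, after the password hash verifies.
function login(array &$session, array $users, string $user, string $pass): bool
{
    $hash = $users[$user] ?? null;
    if ($hash === null || !password_verify($pass, $hash)) {
        return false;
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true); // new session id on privilege change
    }
    $session['loggedin'] = true;
    return true;
}

// Guard to call at the top of every admin page before any output.
function require_admin(array $session): void
{
    if (!is_admin($session)) {
        http_response_code(403);
        exit("Forbidden\n");
    }
}

// Constructed demo data; in a web request pass $_GET and $_SESSION instead.
$users   = ['admin' => password_hash('constructed-demo-password', PASSWORD_DEFAULT)];
$request = ['loggedin' => '1']; // the query string from the report
$session = [];                  // fresh visitor, never authenticated
var_dump(is_admin_weak($request));  // decision driven by request input
var_dump(is_admin($session));       // decision driven by session state only
var_dump(login($session, $users, 'admin', 'wrong-password'));
var_dump(login($session, $users, 'admin', 'constructed-demo-password'));
var_dump(is_admin($session));
```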

