OK3W文章管理系统漏洞
OK3W是一套文章管理系统,整套系统的程序结构是以自定义类来实现的,很有创意o(∩_∩)o...
安全性还是比较好的。目前免费版4.7存在这个漏洞,官网也存在,不过不知道现在补了没有,上次路过时被发现了。
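后台验证过程如下。从代码可以看到,登录成功后 AdminId、AdminName、AdminPwd、GroupId 会直接写入 Cookie;AdminIsLogin 校验失败时的注释是“Cookies错误”,说明验证时应该是拿 Cookie 中的用户名和密码值重新查库,也就是说 Cookie 里的 AdminPwd 实际上起到了登录凭据的作用: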
Public Function AdminIsLogin()
    ' Reports whether the current administrator counts as logged in.
    ' Returns -1 when AdminLogin returns -1 for the current AdminName/AdminPwd
    ' pair in "IsCheck" mode, and 0 in every other case.
    ' NOTE(review): AdminName and AdminPwd are not defined in this function.
    ' The original failure comment ("Cookies error") and the cookies written
    ' by AdminLogin suggest they are read back from the Ok3w cookie - confirm.
    ' If so, the AdminPwd value kept in the cookie acts as a reusable
    ' credential; a random server-side session token would be a safer design.
    AdminIsLogin = 0 ' default: not logged in

    ' No admin name at all: answer without touching the database.
    If Trim(AdminName) = "" Then Exit Function

    ' Any result other than -1 means the name/password pair was rejected
    ' (the original comment calls this a cookie error).
    If AdminLogin(AdminName, AdminPwd, "IsCheck") <> -1 Then Exit Function

    AdminIsLogin = -1 ' already logged in
End Function
Public Function AdminLogin(sAdminName,sAdminPwd,sType)
AdminName = sAdminName
Sql = "select * from Ok3w_Admin where AdminName=? and AdminPwd=?"
Set AdminCmd = Server.CreateObject("Adodb.Command")
AdminCmd.ActiveConnection = Conn
AdminCmd.CommandType = 1
AdminCmd.CommandText = Sql
AdminCmd.Parameters.Append(AdminCmd.CreateParameter("@AdminName",200,1,50,sAdminName))
AdminCmd.Parameters.Append(AdminCmd.CreateParameter("@AdminPwd",200,1,50,sAdminPwd))
Set AdminRs = Server.CreateObject("Adodb.RecordSet")
Set AdminRs = AdminCmd.Execute
response.write sAdminName&" "&sAdminPwd&""
response.write AdminCmd.CommandText
Set AdminCmd = Nothing
If AdminRs.Eof And AdminRs.Bof Then
AdminLogin = 1'用户名或密码错误
Else
If AdminRs("AdminLock") Then
AdminLogin = 2'用户被锁定
Else
Response.Cookies("Ok3w")("AdminId") = AdminRs("AdminId")
Response.Cookies("Ok3w")("AdminName") = AdminRs("AdminName")
Response.Cookies("Ok3w")("AdminPwd") = AdminRs("AdminPwd")
Response.Cookies("Ok3w")("GroupId") = AdminRs("GroupId")
If sType="IsLogin" Then Call AdminActionLog("成功登陆")


