...
If validuser is actually a valid user name, this will select the validuser record in the table. The hashed password will never be checked because the expression '1'='1' is always true. Consequently the attacker is granted the access of validuser.
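The behaviour described above can be reproduced offline with the added example below, which is not code from the original page. The table layout, the function names and the sample accounts are assumptions constructed for the demonstration, and the hashed password is concatenated into the query text as the paragraph describes.

```python
import hashlib
import sqlite3

def hash_pw(pw):
    # Unsalted SHA-256 keeps the demo short; it is not a storage recommendation.
    return hashlib.sha256(pw.encode()).hexdigest()

def make_db():
    """In-memory table holding two constructed accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE db_user (username TEXT, password TEXT)")
    db.executemany("INSERT INTO db_user VALUES (?, ?)",
                   [("validuser", hash_pw("correct horse")),
                    ("otheruser", hash_pw("battery staple"))])
    return db

def login_concat(db, username, password):
    """Vulnerable form: the user name is spliced into the SQL text."""
    sql = ("SELECT username FROM db_user WHERE username='" + username +
           "' AND password='" + hash_pw(password) + "'")
    # With the constructed input below the WHERE clause becomes
    #   username='validuser' OR '1'='1' AND password='<hash>'
    # AND binds tighter than OR, so the validuser row matches on the
    # user name alone and the password comparison cannot reject it.
    return [row[0] for row in db.execute(sql)]

def login_param(db, username, password):
    """Hardened form: values are bound as data and never parsed as SQL."""
    sql = "SELECT username FROM db_user WHERE username=? AND password=?"
    return [row[0] for row in db.execute(sql, (username, hash_pw(password)))]

# Constructed input of the kind the paragraph describes.
CRAFTED_NAME = "validuser' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("concatenated:", login_concat(db, CRAFTED_NAME, "wrong"))
    print("parameterized:", login_param(db, CRAFTED_NAME, "wrong"))
    print("legitimate:", login_param(db, "validuser", "correct horse"))
```

Only the validuser row comes back from the concatenated query, matching the text: the other account is still filtered out because its user name does not match and its password hash differs.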
To comply with guideline MSC05-J. Store passwords using a hash function, the passwords would have to be hashed. Unfortunately, on many small systems, they are not, and so the password text added in the query string would match precisely what the user enters. An attacker could supply a string for <PASSWORD> such as:
...