2006-01-19 01:00:00
mitre
PUBLISHED
create.php in aoblogger 2.3 allows remote attackers to bypass authentication and create new blog entries by setting the uza parameter to 1.