2006-01-19 06:00:00
mitre
PUBLISHED
create.php in aoblogger 2.3 allows remote attackers to bypass authentication and create new blog entries by setting the uza parameter to 1.