2007-03-16 21:00:00
mitre
PUBLISHED
Creative Guestbook 1.0 allows remote attackers to add an administrative account via a direct request to createadmin.php with Name, Email, and PASSWORD parameters set.