2007-04-12 19:00:00
mitre
PUBLISHED
admin.php in pL-PHP beta 0.9 allows remote attackers to bypass authentication by setting the is_admin parameter to 1.