CVE-2007-1603

admin/contest.php in Weekly Drawing Contest 0.0.1 allows remote attackers to bypass authentication, and insert new contest information into a database, via a direct POST request.

Date published : 2007-03-22

http://www.securityfocus.com/archive/1/462702/100/100/threaded

http://securityreason.com/securityalert/2453