Archangel Weblog 0.90.02 allows remote attackers to bypass authentication by setting the ba_admin cookie to 1. Date published : 2006-02-28 http://www.securityfo